CVE-2021-30167 (GCVE-0-2021-30167)
Vulnerability from cvelistv5
Published
2021-04-28 09:30
Modified
2024-09-17 02:32
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-522 - Insufficiently Protected Credentials
Summary
The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.
References
Impacted products
Vendor Product Version
MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera firmware Version: unspecified   <
Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:24:59.549Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "P2/Z2/P3/Z3 IP camera firmware",
          "vendor": "MERIT LILIN ENT.CO.,LTD.",
          "versions": [
            {
              "lessThanOrEqual": "7.1.94.8908",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-04-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user\u2019s information and escalate privileges to control the devices."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-522",
              "description": "CWE-522 Insufficiently Protected Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-28T09:30:43",
        "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "shortName": "twcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Update P2/Z2/P3/Z3 IP camera firmware to SVN9695."
        }
      ],
      "source": {
        "advisory": "TVN-202104003",
        "discovery": "EXTERNAL"
      },
      "title": "MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Broken Authentication",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "TWCERT/CC",
          "ASSIGNER": "cve@cert.org.tw",
          "DATE_PUBLIC": "2021-04-28T09:08:00.000Z",
          "ID": "CVE-2021-30167",
          "STATE": "PUBLIC",
          "TITLE": "MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Broken Authentication"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "P2/Z2/P3/Z3 IP camera firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_value": "7.1.94.8908"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "MERIT LILIN ENT.CO.,LTD."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user\u2019s information and escalate privileges to control the devices."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-522 Insufficiently Protected Credentials"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html",
              "refsource": "MISC",
              "url": "https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html"
            },
            {
              "name": "https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf",
              "refsource": "MISC",
              "url": "https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf"
            },
            {
              "name": "https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e",
              "refsource": "MISC",
              "url": "https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e"
            },
            {
              "name": "https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388",
              "refsource": "MISC",
              "url": "https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Update P2/Z2/P3/Z3 IP camera firmware to SVN9695."
          }
        ],
        "source": {
          "advisory": "TVN-202104003",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
    "assignerShortName": "twcert",
    "cveId": "CVE-2021-30167",
    "datePublished": "2021-04-28T09:30:44.048207Z",
    "dateReserved": "2021-04-06T00:00:00",
    "dateUpdated": "2024-09-17T02:32:23.031Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-30167\",\"sourceIdentifier\":\"twcert@cert.org.tw\",\"published\":\"2021-04-28T10:15:08.697\",\"lastModified\":\"2024-11-21T06:03:26.473\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user\u2019s information and escalate privileges to control the devices.\"},{\"lang\":\"es\",\"value\":\"Los servicios de administraci\u00f3n de perfiles de usuarios del dispositivo de c\u00e1mara de red permiten un autenticado.\u0026#xa0;Unos atacantes remotos pueden modificar un par\u00e1metro URL y enmendar a\u00fan m\u00e1s la informaci\u00f3n del usuario y escalar privilegios para controlar los dispositivos\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"twcert@cert.org.tw\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"twcert@cert.org.tw\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-522\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r8852e2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"CFB3042C-114F-4ED1-BA00-F20A5C0BB6E2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r8852e2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8A9131E-7A7A-48AA-A429-6699314C1380\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r8852e4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"3841D1B9-CD30-4973-94F2-92320BF0C103\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r8852e4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B92D194-8C53-405B-ACB9-94C56ABD5107\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6852e2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"586C449F-5D4C-4CF5-B596-4053F8AB0687\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6852e2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D94D053-743A-4AF6-9E05-6C7A87A8913C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6852e4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"94A22430-713F-49C4-87F5-4FB86BB3E485\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6852e4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6CC342A-E6D4-4ED7-B789-20FDA4FB3D0B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6552e2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"673FCCE6-2C02-48BD-B939-F4255E2CA75E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6552e2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77F82003-A28A-49FB-8D95-097AE4FB1B76\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6552e4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"3E71580E-DB0C-4535-B024-C53545EEB48D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6552e4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14491B1B-C538-4E89-A54E-7BC94D7B13C9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6352ae2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"D3425C76-A78A-45A4-8A68-73B11EBBD01C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6352ae2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E7BADDD-62D2-49B6-86C4-0E05BAF7EC14\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6352ae4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"64AA3B69-1A87-42DD-9A40-3F4F2D7E7B55\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6352ae4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"086E6695-0FFE-4BE9-9DDA-45BE7C99D08D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r3052ae2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"4158A2E5-FFC4-4AEE-BCB7-BDF0B0E48230\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r3052ae2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C42315B3-4517-445F-86E3-BC40232F5C3C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2g1052_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"B5549217-0A9A-427F-ACE3-715A6659751C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2g1052:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82C89F93-BC20-4900-B8E6-B69748CCF092\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r8822e2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"C3A91BE4-5D41-47D1-819B-A643B5CF004E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r8822e2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6009643F-3561-46DC-826A-468F151E70E7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r8822e4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"25B11AE1-0BA2-4CFC-A380-E1C1B4ABBEDC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r8822e4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"511A3B5D-0072-45E2-9E15-374878CB6B0F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6822e2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"1F733549-52C0-4446-99C2-1810F4CB0986\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6822e2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C58F1D2D-8819-4C2B-B09A-B0994AA1F88D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6822e4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"0C2E927A-A1FC-4119-8461-CB1FAB017450\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6822e4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7099C696-1D93-4F30-BE3E-882FBCC038DE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6522e2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"C02C3F98-AE69-42CF-96D2-B3395CAFD9A5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6522e2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7FDCC54-133A-4B07-8EC7-A67F549DC36B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6522e4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"CC814A10-FB02-4514-83DE-FA50E15B718B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6522e4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F331BA80-FD4D-441F-806D-C0AF83DA11C8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6322ae2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"F4A05F71-3B29-4C76-B22D-D863BFC9F3D7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6322ae2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5C6C6F4-9C6E-4766-82D3-FA15EF407229\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r6322ae4_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"F033D14F-D552-4405-B8E3-86DC321DFA55\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r6322ae4:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"469978BD-A042-48F4-B84C-8A0CC4FC0E6C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2r3022ae2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"23CF2710-27A7-422C-8B75-BEC9FA0FCEDA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2r3022ae2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE10197E-C9DB-44AA-9DD5-7B7B0F9928B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2g1022_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"D465D429-4EB0-4CBC-A909-7D8F08778073\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2g1022:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23C92472-6E8E-420F-BFDE-049AC04119FC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p2g1022x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"FD289724-B816-4CC8-887E-47ED3AB91A1C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p2g1022x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55B90FBD-F9B9-4148-A684-16CF619C288C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r8852ax_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"982899DC-A4D1-42D9-918A-D94A1F4FB2C1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r8852ax:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7A487D8-6707-408D-A518-8BB3F9A722E9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r8152x-p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"655AC751-6600-478E-9EBD-A74426688E06\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r8152x-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0583B058-0526-4E5F-A3D7-45FAE9319211\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r8152x2-p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"49D69485-E371-46E1-8304-AD227E9FA1B6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r8152x2-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"129F9D32-D19E-492D-AA76-3A46B92C7B45\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r8052ex25_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"5F178AD2-A191-4B0E-9277-8FBDC47EBB71\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r8052ex25:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60B747B7-2CD6-4CF7-9371-8EF93880E307\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r6552x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"32FA5EE1-CF52-4922-A274-FC4F1B69622A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r6552x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D2FA0C8-9658-4B11-B704-84375D6E5D7C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r6452ax_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"2E426C3C-09D9-40E2-B2C6-F1C44CC3B19D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r6452ax:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFD844D5-99A0-4B7D-BFC9-24479F4381C0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r6452ax-p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"CAAB99C4-C873-4024-B4D5-D87D485C78BB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r6452ax-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EF4ACEC-138D-4CB0-8CF7-427CAF3AE34E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r8822ax_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"CDDB6F5E-8960-4FAB-8D03-78C2C9C64A68\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r8822ax:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABC3ACBE-C2D0-4302-9ED1-0E12D6772E2D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r8122x-p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"AAEED646-3171-407E-BFD6-69A822A98592\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r8122x-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98A07293-5D9E-4065-855C-92610938C4FC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r8122x2-p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"8CF12021-1726-452B-A5B4-9088A9455B91\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r8122x2-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB153E8F-E997-462C-A876-2C8338C3FF46\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r8022ex25_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"D4262E24-A9EE-446D-906D-DFCA9F388751\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r8022ex25:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C930EF97-0E3E-4782-A0F1-DFBB9931A71A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r6522x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"764E9C36-84F8-4A54-A4D3-5BFB0F621999\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r6522x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"691D3A4C-12FB-4C62-9A44-A6F6F3497097\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r6422ax_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"93C2A216-620C-4A19-B058-A196FF6EC53D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r6422ax:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A212B55-6EC4-4136-9AF6-F0B0514EBAA1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z2r6422ax-p_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"C2238B38-274F-441A-B96E-B790D347B109\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z2r6422ax-p:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC54DA97-FCD0-4800-A5C7-A93EED87AE5E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p3r6322e2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"00D4B74D-4E42-4BF2-A69C-E53EB51CC76B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p3r6322e2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25FFC5F6-35D2-4ECC-9CE4-A6EAD55D0248\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p3r6522e2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"25ABE04A-183C-4077-BD0E-4D920CFCBDCA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p3r6522e2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D836DA90-CA22-416D-9AD1-2E04C8FBD285\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:p3r8822e2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"1B232619-A97C-4C4A-B1C7-4B954274F2E1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:p3r8822e2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E20064E5-8988-4BB1-9731-46015374C29C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z3r6422x3_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"25BF7A29-2E39-41C1-A509-AC2331554070\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z3r6422x3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E5BADF1-23EB-418F-8E30-1616329C9B16\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z3r6522x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"CE621ECE-B0E2-41A3-8EA9-CA2935375DE2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z3r6522x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD6E9CD5-D9AC-473B-8A50-9BBDDC4551D8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:meritlilin:z3r8922x3_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1.94.8908\",\"matchCriteriaId\":\"881EEE2D-F400-41A1-BD59-35B569248C0D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:meritlilin:z3r8922x3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D830A98B-407C-4425-9371-D1813B5CA618\"}]}]}],\"references\":[{\"url\":\"https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e\",\"source\":\"twcert@cert.org.tw\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388\",\"source\":\"twcert@cert.org.tw\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf\",\"source\":\"twcert@cert.org.tw\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html\",\"source\":\"twcert@cert.org.tw\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://gist.github.com/keniver/86ebef688fb274b534da51ef1a84dd3e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.chtsecurity.com/news/0b733a38-e616-4ff3-86a6-13e710643388\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.meritlilin.com/assets/uploads/support/file/M00166-TW.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.twcert.org.tw/tw/cp-132-4676-391a5-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.