VAR-201307-0369
Vulnerability from variot - Updated: 2023-12-18 13:29ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows remote attackers to obtain sensitive information via an Ajax (1) wmxState or (2) netState request. An attacker can exploit this issue to view system configuration information, execute commands and disclose sensitive information. Information obtained may aid in further attacks. This product provides internal routing, wireless link and other functions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201307-0369",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wixfmr-111",
"scope": "eq",
"trust": 1.6,
"vendor": "choice",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "choice",
"version": null
},
{
"model": "green packet 4g wimax modem wixfmr-111",
"scope": null,
"trust": 0.8,
"vendor": "choice",
"version": null
},
{
"model": "communications green packet 4g wimax modem wixfmr-111",
"scope": null,
"trust": 0.3,
"vendor": "choice",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#932044"
},
{
"db": "BID",
"id": "60864"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003174"
},
{
"db": "NVD",
"id": "CVE-2013-3581"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-041"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:choice_wireless:wixfmr-111:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3581"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Chris Meller",
"sources": [
{
"db": "BID",
"id": "60864"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3581",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.3,
"collateralDamagePotential": "MEDIUM-HIGH",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 5.3,
"exploitability": "UNPROVEN",
"exploitabilityScore": 8.6,
"id": "CVE-2013-3581",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "UNCOFIRMED",
"severity": "HIGH",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInterationRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.1,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-3581",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-63583",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3581",
"trust": 2.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201307-041",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-63583",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#932044"
},
{
"db": "VULHUB",
"id": "VHN-63583"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003174"
},
{
"db": "NVD",
"id": "CVE-2013-3581"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-041"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows remote attackers to obtain sensitive information via an Ajax (1) wmxState or (2) netState request. \nAn attacker can exploit this issue to view system configuration information, execute commands and disclose sensitive information. Information obtained may aid in further attacks. This product provides internal routing, wireless link and other functions",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3581"
},
{
"db": "CERT/CC",
"id": "VU#932044"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003174"
},
{
"db": "BID",
"id": "60864"
},
{
"db": "VULHUB",
"id": "VHN-63583"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3581",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#932044",
"trust": 3.6
},
{
"db": "JVN",
"id": "JVNVU98995343",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003174",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201307-041",
"trust": 0.7
},
{
"db": "BID",
"id": "60864",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-63583",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#932044"
},
{
"db": "VULHUB",
"id": "VHN-63583"
},
{
"db": "BID",
"id": "60864"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003174"
},
{
"db": "NVD",
"id": "CVE-2013-3581"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-041"
}
]
},
"id": "VAR-201307-0369",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63583"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:29:53.726000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://choice-wireless.com/"
},
{
"title": "GREENPACKET 4G MODEM",
"trust": 0.8,
"url": "http://vi.choice-wireless.com/greenpacket-4g-modem"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-003174"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63583"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003174"
},
{
"db": "NVD",
"id": "CVE-2013-3581"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/932044"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3581"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu98995343"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3581"
},
{
"trust": 0.3,
"url": "http://us.choice-wireless.com/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#932044"
},
{
"db": "VULHUB",
"id": "VHN-63583"
},
{
"db": "BID",
"id": "60864"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003174"
},
{
"db": "NVD",
"id": "CVE-2013-3581"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-041"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#932044"
},
{
"db": "VULHUB",
"id": "VHN-63583"
},
{
"db": "BID",
"id": "60864"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-003174"
},
{
"db": "NVD",
"id": "CVE-2013-3581"
},
{
"db": "CNNVD",
"id": "CNNVD-201307-041"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-28T00:00:00",
"db": "CERT/CC",
"id": "VU#932044"
},
{
"date": "2013-07-02T00:00:00",
"db": "VULHUB",
"id": "VHN-63583"
},
{
"date": "2013-06-28T00:00:00",
"db": "BID",
"id": "60864"
},
{
"date": "2013-07-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003174"
},
{
"date": "2013-07-02T03:43:16.817000",
"db": "NVD",
"id": "CVE-2013-3581"
},
{
"date": "2013-07-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-041"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-28T00:00:00",
"db": "CERT/CC",
"id": "VU#932044"
},
{
"date": "2013-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-63583"
},
{
"date": "2013-06-28T00:00:00",
"db": "BID",
"id": "60864"
},
{
"date": "2013-10-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-003174"
},
{
"date": "2013-10-11T16:55:32.880000",
"db": "NVD",
"id": "CVE-2013-3581"
},
{
"date": "2013-07-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201307-041"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-041"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Choice Wireless Green Packet 4G WiMax modem vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#932044"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201307-041"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…