var-201402-0267
Vulnerability from variot
The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote attackers to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the password. The SpeedSurf 504AN and Kasda KW58293 modems distributed by PLDT contain multiple vulnerabilities. The BaudTec ADSL2+ Router may also be affected. ZTE ZXV10 W300 router version 2.1.0, and possibly earlier versions, contains hardcoded credentials. (CWE-798). ASUS , DIGICOM , Observa Telecom , Philippine Long Distance Telephone (PLDT) , ZTE Provided by DSL The router has a hard-coded password "XXXXaircon" There is a problem to use. ASUS DSL-N12E , DIGICOM DG-5524T , Observa Telecom RTA01N , Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN , ZTE ZXV10 W300S Etc. DSL The router has telnet There is a problem that authentication information that can be used to access the device is hard-coded. The username is ASUS , DIGICOM , Observa Telecom , ZTE In the equipment of "admin" But, PLDT In the equipment of "adminpldt" Is used and the password is "XXXXairocon" ( XXXX Is the equipment MAC The last four digits of the address are used. MAC Address is SNMP Community string public May be able to get through. Authentication information ( password ) Is hard-coded (CWE-798) CWE-798: Use of Hard-coded Credentials https://cwe.mitre.org/data/definitions/798.html This vulnerability ZTE ZXV10 W300 As a matter of 2014 Year 2 A month JVNVU#99523838 Published on CVE-2014-0329 Has been assigned. This time, products from several other vendors have been found to have the same vulnerability. Observa Telecom RTA01N For vulnerabilities in 2015 Year 5 A month Full Disclosure It is published in JVNVU#99523838 https://jvn.jp/vu/JVNVU99523838/ Full Disclosure http://seclists.org/fulldisclosure/2015/May/129A remote attacker could use the authentication information and gain access to the device as an administrator. ZTE Provided by ZXV10 W300 Has a problem with hard-coded credentials. Multiple DSL Routers are prone to a security-bypass vulnerability. The vulnerability stems from the fact that the program installation uses default hard-coded credentials, and the first four digits of the admin account password 'XXXXairocon' are set to the last four digits of the MAC address
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201402-0267",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "zxv10 w300",
"scope": "eq",
"trust": 2.2,
"vendor": "zte",
"version": "2.1.0"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "philippine long distance telephone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "zte",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "digicom hk",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "observa telecom",
"version": null
},
{
"model": "dsl-n12e",
"scope": null,
"trust": 0.8,
"vendor": "asustek computer",
"version": null
},
{
"model": "dg-5524t",
"scope": null,
"trust": 0.8,
"vendor": "digicom",
"version": null
},
{
"model": "rta01n v2",
"scope": null,
"trust": 0.8,
"vendor": "observa telecom",
"version": null
},
{
"model": "speedsurf 504an",
"scope": null,
"trust": 0.8,
"vendor": "philippine long distance telephone pldt",
"version": null
},
{
"model": "zxv10 w300s",
"scope": null,
"trust": 0.8,
"vendor": "zte",
"version": null
},
{
"model": "zxv10 w300",
"scope": "lte",
"trust": 0.8,
"vendor": "zte",
"version": "version 2.1.0"
},
{
"model": "zxv10 w300",
"scope": "eq",
"trust": 0.3,
"vendor": "zte",
"version": "2.1"
},
{
"model": "long distance telephone speedsurf 504an",
"scope": null,
"trust": 0.3,
"vendor": "philippine",
"version": null
},
{
"model": "telecom rta01n",
"scope": "eq",
"trust": 0.3,
"vendor": "observa",
"version": "0"
},
{
"model": "dg-5524t",
"scope": "eq",
"trust": 0.3,
"vendor": "digicom",
"version": "0"
},
{
"model": "dsl-n12e",
"scope": "eq",
"trust": 0.3,
"vendor": "asus",
"version": "0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#525276"
},
{
"db": "CERT/CC",
"id": "VU#950576"
},
{
"db": "CERT/CC",
"id": "VU#228886"
},
{
"db": "CNVD",
"id": "CNVD-2014-00705"
},
{
"db": "BID",
"id": "65310"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004558"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001305"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-026"
},
{
"db": "NVD",
"id": "CVE-2014-0329"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:asus:dsl-n12e",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:digicom:dg-5524t",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:misc:observa_telecom_rta01n_v2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:philippine_long_distance_telephone:pldt_speedsurf_504an",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:zte:zxv10_w300s",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-004558"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cesar Neira",
"sources": [
{
"db": "BID",
"id": "65310"
}
],
"trust": 0.3
},
"cve": "CVE-2014-0329",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0329",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 9.3,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 5.4,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "CVE-2014-0329",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "WORKAROUND",
"reportConfidence": "UNCOFIRMED",
"severity": "HIGH",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2015-004558",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-00705",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-67822",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-0329",
"trust": 1.6,
"value": "HIGH"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2014-0329",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2015-004558",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2014-00705",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201402-026",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-67822",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228886"
},
{
"db": "CNVD",
"id": "CNVD-2014-00705"
},
{
"db": "VULHUB",
"id": "VHN-67822"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004558"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001305"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-026"
},
{
"db": "NVD",
"id": "CVE-2014-0329"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account, which allows remote attackers to obtain administrative access by leveraging knowledge of the MAC address characters present at the beginning of the password. The SpeedSurf 504AN and Kasda KW58293 modems distributed by PLDT contain multiple vulnerabilities. The BaudTec ADSL2+ Router may also be affected. ZTE ZXV10 W300 router version 2.1.0, and possibly earlier versions, contains hardcoded credentials. (CWE-798). ASUS , DIGICOM , Observa Telecom , Philippine Long Distance Telephone (PLDT) , ZTE Provided by DSL The router has a hard-coded password \"XXXXaircon\" There is a problem to use. ASUS DSL-N12E , DIGICOM DG-5524T , Observa Telecom RTA01N , Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN , ZTE ZXV10 W300S Etc. DSL The router has telnet There is a problem that authentication information that can be used to access the device is hard-coded. The username is ASUS , DIGICOM , Observa Telecom , ZTE In the equipment of \"admin\" But, PLDT In the equipment of \"adminpldt\" Is used and the password is \"XXXXairocon\" ( XXXX Is the equipment MAC The last four digits of the address are used. MAC Address is SNMP Community string public May be able to get through. Authentication information ( password ) Is hard-coded (CWE-798) CWE-798: Use of Hard-coded Credentials https://cwe.mitre.org/data/definitions/798.html This vulnerability ZTE ZXV10 W300 As a matter of 2014 Year 2 A month JVNVU#99523838 Published on CVE-2014-0329 Has been assigned. This time, products from several other vendors have been found to have the same vulnerability. Observa Telecom RTA01N For vulnerabilities in 2015 Year 5 A month Full Disclosure It is published in JVNVU#99523838 https://jvn.jp/vu/JVNVU99523838/ Full Disclosure http://seclists.org/fulldisclosure/2015/May/129A remote attacker could use the authentication information and gain access to the device as an administrator. ZTE Provided by ZXV10 W300 Has a problem with hard-coded credentials. Multiple DSL Routers are prone to a security-bypass vulnerability. The vulnerability stems from the fact that the program installation uses default hard-coded credentials, and the first four digits of the admin account password \u0027XXXXairocon\u0027 are set to the last four digits of the MAC address",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-0329"
},
{
"db": "CERT/CC",
"id": "VU#525276"
},
{
"db": "CERT/CC",
"id": "VU#950576"
},
{
"db": "CERT/CC",
"id": "VU#228886"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004558"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001305"
},
{
"db": "CNVD",
"id": "CNVD-2014-00705"
},
{
"db": "BID",
"id": "65310"
},
{
"db": "VULHUB",
"id": "VHN-67822"
}
],
"trust": 5.4
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.kb.cert.org/vuls/id/228886",
"trust": 0.8,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-67822",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228886"
},
{
"db": "VULHUB",
"id": "VHN-67822"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#228886",
"trust": 5.0
},
{
"db": "NVD",
"id": "CVE-2014-0329",
"trust": 3.4
},
{
"db": "BID",
"id": "65310",
"trust": 2.0
},
{
"db": "CERT/CC",
"id": "VU#950576",
"trust": 1.9
},
{
"db": "JVN",
"id": "JVNVU99523838",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#525276",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "102816",
"trust": 1.1
},
{
"db": "PACKETSTORM",
"id": "125142",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU90419607",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004558",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001305",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201402-026",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-00705",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "31527",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-84851",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-67822",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#525276"
},
{
"db": "CERT/CC",
"id": "VU#950576"
},
{
"db": "CERT/CC",
"id": "VU#228886"
},
{
"db": "CNVD",
"id": "CNVD-2014-00705"
},
{
"db": "VULHUB",
"id": "VHN-67822"
},
{
"db": "BID",
"id": "65310"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004558"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001305"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-026"
},
{
"db": "NVD",
"id": "CVE-2014-0329"
}
]
},
"id": "VAR-201402-0267",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00705"
},
{
"db": "VULHUB",
"id": "VHN-67822"
}
],
"trust": 1.2833333
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00705"
}
]
},
"last_update_date": "2024-11-23T22:13:49.810000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ZXV10 W300S",
"trust": 1.6,
"url": "http://wwwen.zte.com.cn/en/products/access/cpe/201302/t20130204_386351.html"
},
{
"title": "DSL-N12E",
"trust": 0.8,
"url": "https://www.asus.com/Networking/DSLN12E/"
},
{
"title": "DG-5524T",
"trust": 0.8,
"url": "http://www.digicom.com.hk/index.php?section=products\u0026action=details\u0026id=156#.Vd5djH1K5ve"
},
{
"title": "Router ADSL Observa RTA01N v2",
"trust": 0.8,
"url": "http://www.movistar.es/particulares/atencion-cliente/internet/adsl/equipamiento-adsl/routers/router-adsl-observa-rta01n-v2/"
},
{
"title": "PLDT - Philippine Long Distance Telephone Company (Top Page)",
"trust": 0.8,
"url": "http://www.pldt.com/"
},
{
"title": "ZTE ZXV10 W300 Router Information Disclosure Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/43267"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-00705"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004558"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001305"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.9
},
{
"problemtype": "CWE-798",
"trust": 0.8
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#228886"
},
{
"db": "VULHUB",
"id": "VHN-67822"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001305"
},
{
"db": "NVD",
"id": "CVE-2014-0329"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.2,
"url": "http://www.kb.cert.org/vuls/id/228886"
},
{
"trust": 1.6,
"url": "http://seclists.org/fulldisclosure/2015/may/129"
},
{
"trust": 1.1,
"url": "http://wwwen.zte.com.cn/en/products/access/cpe/201302/t20130204_386351.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/65310"
},
{
"trust": 1.1,
"url": "http://blog.alguien.at/2014/02/hackeando-el-router-zte-zxv10-w300-v21.html"
},
{
"trust": 1.1,
"url": "http://packetstormsecurity.com/files/125142/zte-zxv10-w300-hardcoded-credentials.html"
},
{
"trust": 1.1,
"url": "http://osvdb.org/102816"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90958"
},
{
"trust": 1.1,
"url": "https://www.kb.cert.org/vuls/id/950576"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.8,
"url": "https://www.asus.com/networking/dsln12e/"
},
{
"trust": 0.8,
"url": "http://www.digicom.com.hk/index.php?section=products\u0026action=details\u0026id=156#.vdzitpcuzl0"
},
{
"trust": 0.8,
"url": "http://www.movistar.es/particulares/atencion-cliente/internet/adsl/equipamiento-adsl/routers/router-adsl-observa-rta01n-v2/"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99523838/"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90419607/index.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0329"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu99523838/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0329"
},
{
"trust": 0.3,
"url": "http://www.kb.cert.org/vuls/id/525276"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#525276"
},
{
"db": "CERT/CC",
"id": "VU#950576"
},
{
"db": "CERT/CC",
"id": "VU#228886"
},
{
"db": "CNVD",
"id": "CNVD-2014-00705"
},
{
"db": "VULHUB",
"id": "VHN-67822"
},
{
"db": "BID",
"id": "65310"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004558"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001305"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-026"
},
{
"db": "NVD",
"id": "CVE-2014-0329"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#525276"
},
{
"db": "CERT/CC",
"id": "VU#950576"
},
{
"db": "CERT/CC",
"id": "VU#228886"
},
{
"db": "CNVD",
"id": "CNVD-2014-00705"
},
{
"db": "VULHUB",
"id": "VHN-67822"
},
{
"db": "BID",
"id": "65310"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-004558"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-001305"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-026"
},
{
"db": "NVD",
"id": "CVE-2014-0329"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-08-31T00:00:00",
"db": "CERT/CC",
"id": "VU#525276"
},
{
"date": "2015-08-25T00:00:00",
"db": "CERT/CC",
"id": "VU#950576"
},
{
"date": "2014-02-03T00:00:00",
"db": "CERT/CC",
"id": "VU#228886"
},
{
"date": "2014-02-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-00705"
},
{
"date": "2014-02-04T00:00:00",
"db": "VULHUB",
"id": "VHN-67822"
},
{
"date": "2014-02-03T00:00:00",
"db": "BID",
"id": "65310"
},
{
"date": "2015-09-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004558"
},
{
"date": "2014-02-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001305"
},
{
"date": "2014-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-026"
},
{
"date": "2014-02-04T05:39:08.450000",
"db": "NVD",
"id": "CVE-2014-0329"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-17T00:00:00",
"db": "CERT/CC",
"id": "VU#525276"
},
{
"date": "2015-08-27T00:00:00",
"db": "CERT/CC",
"id": "VU#950576"
},
{
"date": "2014-03-14T00:00:00",
"db": "CERT/CC",
"id": "VU#228886"
},
{
"date": "2014-02-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-00705"
},
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-67822"
},
{
"date": "2015-11-03T19:21:00",
"db": "BID",
"id": "65310"
},
{
"date": "2015-09-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-004558"
},
{
"date": "2014-02-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-001305"
},
{
"date": "2014-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-026"
},
{
"date": "2024-11-21T02:01:53.493000",
"db": "NVD",
"id": "CVE-2014-0329"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-026"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Philippine Long Distance Telephone SpeedSurf 504AN and Kasda KW58293 contain multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#525276"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-026"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.