VAR-201409-0173
Vulnerability from variot - Updated: 2024-04-20 23:18The Netmaster CBW700N cable modem with software 81.447.392110.729.024 has an SNMP community of public, which allows remote attackers to obtain sensitive credential, key, and SSID information via an SNMP request. Netmaster Cable modem provided by CBW700N Contains an information disclosure vulnerability. Netmaster Cable modem provided by CBW700N Is the default setting SNMP Is enabled. CBW700N Is known SNMP Uses community name, username, password and WiFi There is a vulnerability that leaks information such as keys (CWE-200) . CWE-200: Information Exposure http://cwe.mitre.org/data/definitions/200.htmlUser name, password and password set on the device by a remote third party WiFi You may be able to obtain sensitive information such as keys. The Netmaster Wireless Cable Mode is a wireless modem. Arris Touchstone DG950A 7.10.131 is vulnerable. Netmaster CBW700N is prone to an information-disclosure vulnerability. This may aid in further attacks. Netmaster CBW700N running firmware version 81.447.392110.729.024 is vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0173",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cbw700 software",
"scope": "eq",
"trust": 1.6,
"vendor": "netmaster",
"version": "81.447.392110.729.024"
},
{
"model": "cbw700n",
"scope": "eq",
"trust": 1.0,
"vendor": "netmaster",
"version": null
},
{
"model": "cable modem cbw700n",
"scope": null,
"trust": 0.8,
"vendor": "netmaster",
"version": null
},
{
"model": "cable modem cbw700n software",
"scope": "eq",
"trust": 0.8,
"vendor": "netmaster",
"version": "version 81.447.392110.729.024"
},
{
"model": "netmaster",
"scope": "eq",
"trust": 0.6,
"vendor": "netmaster",
"version": "1.0"
},
{
"model": "group touchstone dg950a",
"scope": "eq",
"trust": 0.3,
"vendor": "arris",
"version": "7.10.131"
},
{
"model": "cbw700n",
"scope": "eq",
"trust": 0.3,
"vendor": "netmaster",
"version": "81.447.392110.729.02"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05345"
},
{
"db": "BID",
"id": "69631"
},
{
"db": "BID",
"id": "69630"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004044"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-055"
},
{
"db": "NVD",
"id": "CVE-2014-4862"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netmaster:cbw700_software:81.447.392110.729.024:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netmaster:netmaster_cbw700n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4862"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Deral Heiland and Matthew Kienow.",
"sources": [
{
"db": "BID",
"id": "69631"
}
],
"trust": 0.3
},
"cve": "CVE-2014-4862",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2014-004044",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-05345",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-4862",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2014-004044",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-05345",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-055",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05345"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004044"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-055"
},
{
"db": "NVD",
"id": "CVE-2014-4862"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Netmaster CBW700N cable modem with software 81.447.392110.729.024 has an SNMP community of public, which allows remote attackers to obtain sensitive credential, key, and SSID information via an SNMP request. Netmaster Cable modem provided by CBW700N Contains an information disclosure vulnerability. Netmaster Cable modem provided by CBW700N Is the default setting SNMP Is enabled. CBW700N Is known SNMP Uses community name, username, password and WiFi There is a vulnerability that leaks information such as keys (CWE-200) . CWE-200: Information Exposure http://cwe.mitre.org/data/definitions/200.htmlUser name, password and password set on the device by a remote third party WiFi You may be able to obtain sensitive information such as keys. The Netmaster Wireless Cable Mode is a wireless modem. \nArris Touchstone DG950A 7.10.131 is vulnerable. Netmaster CBW700N is prone to an information-disclosure vulnerability. This may aid in further attacks. \nNetmaster CBW700N running firmware version 81.447.392110.729.024 is vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4862"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004044"
},
{
"db": "CNVD",
"id": "CNVD-2014-05345"
},
{
"db": "BID",
"id": "69631"
},
{
"db": "BID",
"id": "69630"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-4862",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#259548",
"trust": 3.0
},
{
"db": "JVN",
"id": "JVNVU90686659",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004044",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "110554",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2014-05345",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201409-055",
"trust": 0.6
},
{
"db": "BID",
"id": "69631",
"trust": 0.3
},
{
"db": "BID",
"id": "69630",
"trust": 0.3
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05345"
},
{
"db": "BID",
"id": "69631"
},
{
"db": "BID",
"id": "69630"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004044"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-055"
},
{
"db": "NVD",
"id": "CVE-2014-4862"
}
]
},
"id": "VAR-201409-0173",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05345"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05345"
}
]
},
"last_update_date": "2024-04-20T23:18:01.803000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Netmaster CBW-700V",
"trust": 0.8,
"url": "http://www.netmaster.com.tr/urun/6"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004044"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004044"
},
{
"db": "NVD",
"id": "CVE-2014-4862"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863"
},
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/259548"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4862"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu90686659/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4862"
},
{
"trust": 0.6,
"url": "http://www.osvdb.com/show/osvdb/110554"
},
{
"trust": 0.3,
"url": "http://www.arrisi.com/products/product.asp?id=50"
},
{
"trust": 0.3,
"url": "http://www.netmaster.com.tr/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-05345"
},
{
"db": "BID",
"id": "69631"
},
{
"db": "BID",
"id": "69630"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004044"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-055"
},
{
"db": "NVD",
"id": "CVE-2014-4862"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-05345"
},
{
"db": "BID",
"id": "69631"
},
{
"db": "BID",
"id": "69630"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-004044"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-055"
},
{
"db": "NVD",
"id": "CVE-2014-4862"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05345"
},
{
"date": "2014-08-21T00:00:00",
"db": "BID",
"id": "69631"
},
{
"date": "2014-08-21T00:00:00",
"db": "BID",
"id": "69630"
},
{
"date": "2014-09-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004044"
},
{
"date": "2014-09-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-055"
},
{
"date": "2014-09-05T17:55:06.907000",
"db": "NVD",
"id": "CVE-2014-4862"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-09-01T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-05345"
},
{
"date": "2014-08-21T00:00:00",
"db": "BID",
"id": "69631"
},
{
"date": "2014-08-21T00:00:00",
"db": "BID",
"id": "69630"
},
{
"date": "2014-09-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-004044"
},
{
"date": "2014-09-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-055"
},
{
"date": "2014-09-08T17:23:42.350000",
"db": "NVD",
"id": "CVE-2014-4862"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "69631"
},
{
"db": "BID",
"id": "69630"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Netmaster Cable modem CBW700N Information disclosure vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-004044"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "69631"
},
{
"db": "BID",
"id": "69630"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…