Vulnerabilites related to netgear - raidiator
Vulnerability from fkie_nvd
Published
2013-12-12 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the "forgot password workflow."
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:raidiator:*:*:*:*:*:readynas:*:*",
"matchCriteriaId": "E4A17A55-2C04-413F-9E9A-231EAC7DD3E7",
"versionEndExcluding": "4.1.12",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netgear:raidiator:*:*:*:*:*:readynas:*:*",
"matchCriteriaId": "B5FB15F3-DC2B-4F23-8150-75B31473CE31",
"versionEndExcluding": "4.2.24",
"versionStartIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the \"forgot password workflow.\""
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n eval en frontview/lib/np_handler.pl en la interfaz web FrontView en NETGEAR ReadyNAS RAIDiator anterior a la versi\u00f3n 4.1.12 y 4.2.x anterior a la versi\u00f3n 4.2.24 permite a atacantes remotos ejecutar c\u00f3digo Perl arbitrario a trav\u00e9s de peticiones manipuladas, relacionado con \"flujo de trabajo de restablecimiento de contrase\u00f1a\"."
}
],
"id": "CVE-2013-2751",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-12T18:55:10.807",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/123726/Netgear-ReadyNAS-Complete-System-Takeover.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/29815"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/98826"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.readynas.com/?p=7002"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/123726/Netgear-ReadyNAS-Complete-System-Takeover.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.exploit-db.com/exploits/29815"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/98826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.readynas.com/?p=7002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-12 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netgear:raidiator:*:*:*:*:*:readynas:*:*",
"matchCriteriaId": "E4A17A55-2C04-413F-9E9A-231EAC7DD3E7",
"versionEndExcluding": "4.1.12",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netgear:raidiator:*:*:*:*:*:readynas:*:*",
"matchCriteriaId": "B5FB15F3-DC2B-4F23-8150-75B31473CE31",
"versionEndExcluding": "4.2.24",
"versionStartIncluding": "4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users."
},
{
"lang": "es",
"value": "Vulnerabilidad de CSRF en frontview/lib/np_handler.pl de NETGEAR ReadyNAS RAIDiator anterior a la versi\u00f3n 4.1.12 y 4.2.x anterior a 4.2.24 permite a atacantes remotos secuestrar la autenticaci\u00f3n de los usuarios."
}
],
"id": "CVE-2013-2752",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-12-12T18:55:10.837",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/98825"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.readynas.com/?p=7002"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/98825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.readynas.com/?p=7002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2013-2752 (GCVE-0-2013-2752)
Vulnerability from cvelistv5
Published
2013-12-12 18:00
Modified
2024-08-06 15:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.tripwire.com/register/security-advisory-netgear-readynas/ | x_refsource_MISC | |
| http://www.readynas.com/?p=7002 | x_refsource_MISC | |
| http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/ | x_refsource_MISC | |
| http://www.osvdb.org/98825 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:33.648Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.readynas.com/?p=7002"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
},
{
"name": "98825",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/98825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-12T17:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.readynas.com/?p=7002"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
},
{
"name": "98825",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/98825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.tripwire.com/register/security-advisory-netgear-readynas/",
"refsource": "MISC",
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"name": "http://www.readynas.com/?p=7002",
"refsource": "MISC",
"url": "http://www.readynas.com/?p=7002"
},
{
"name": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/",
"refsource": "MISC",
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
},
{
"name": "98825",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/98825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2752",
"datePublished": "2013-12-12T18:00:00",
"dateReserved": "2013-04-02T00:00:00",
"dateUpdated": "2024-08-06T15:44:33.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2751 (GCVE-0-2013-2751)
Vulnerability from cvelistv5
Published
2013-12-12 18:00
Modified
2024-08-06 15:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the "forgot password workflow."
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.com/files/123726/Netgear-ReadyNAS-Complete-System-Takeover.html | x_refsource_MISC | |
| http://www.tripwire.com/register/security-advisory-netgear-readynas/ | x_refsource_MISC | |
| http://www.readynas.com/?p=7002 | x_refsource_MISC | |
| http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/ | x_refsource_MISC | |
| http://www.osvdb.org/98826 | vdb-entry, x_refsource_OSVDB | |
| http://www.exploit-db.com/exploits/29815 | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:33.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/123726/Netgear-ReadyNAS-Complete-System-Takeover.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.readynas.com/?p=7002"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
},
{
"name": "98826",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/98826"
},
{
"name": "29815",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/29815"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the \"forgot password workflow.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-12T17:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/123726/Netgear-ReadyNAS-Complete-System-Takeover.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.readynas.com/?p=7002"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
},
{
"name": "98826",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/98826"
},
{
"name": "29815",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/29815"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the \"forgot password workflow.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/123726/Netgear-ReadyNAS-Complete-System-Takeover.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/123726/Netgear-ReadyNAS-Complete-System-Takeover.html"
},
{
"name": "http://www.tripwire.com/register/security-advisory-netgear-readynas/",
"refsource": "MISC",
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"name": "http://www.readynas.com/?p=7002",
"refsource": "MISC",
"url": "http://www.readynas.com/?p=7002"
},
{
"name": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/",
"refsource": "MISC",
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
},
{
"name": "98826",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/98826"
},
{
"name": "29815",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/29815"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2751",
"datePublished": "2013-12-12T18:00:00",
"dateReserved": "2013-04-02T00:00:00",
"dateUpdated": "2024-08-06T15:44:33.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201312-0100
Vulnerability from variot
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the "forgot password workflow.". NetGear RAIDiator is a direct-hanging storage device based on Linux and debian-sparc platforms. A cross-site request forgery vulnerability exists in NetGear RAIDiator. Allow remote attackers to perform certain administrative actions. Other attacks are also possible. Following are vulnerable: RAIDiator versions prior to 4.1.12 running on SPARC RAIDiator-x86 versions prior to 4.2.24. There is an eval injection vulnerability in the FrontViewWeb interface in NETGEAR ReadyNAS RAIDiator 4.1 and 4.2.23 and earlier versions. The vulnerability is caused by the frontview/lib/np_handler.pl script not filtering the input submitted by the user
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201312-0100",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "raidiator",
"scope": "gte",
"trust": 1.0,
"vendor": "netgear",
"version": "4.2"
},
{
"model": "raidiator",
"scope": "gte",
"trust": 1.0,
"vendor": "netgear",
"version": "4.1"
},
{
"model": "raidiator",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "4.2.24"
},
{
"model": "raidiator",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "4.1.12"
},
{
"model": "readynas ultra 2/plus",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas 2100",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "raidiator",
"scope": "eq",
"trust": 0.8,
"vendor": "net gear",
"version": "4.2.24"
},
{
"model": "readynas pro 4",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas 3200",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas pro 6",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas 4200",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "raidiator",
"scope": "lt",
"trust": 0.8,
"vendor": "net gear",
"version": "4.2.x"
},
{
"model": "readynas pro",
"scope": "eq",
"trust": 0.8,
"vendor": "net gear",
"version": "pioneer edition"
},
{
"model": "readynas nvx",
"scope": "eq",
"trust": 0.8,
"vendor": "net gear",
"version": "pioneer edition"
},
{
"model": "readynas 1500",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas ultra 4/plus",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas nvx",
"scope": "eq",
"trust": 0.8,
"vendor": "net gear",
"version": "none"
},
{
"model": "readynas pro",
"scope": "eq",
"trust": 0.8,
"vendor": "net gear",
"version": "business edition"
},
{
"model": "readynas ultra 6/plus",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas 3100",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas pro 2",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.1.11"
},
{
"model": "readynas raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.2.23"
},
{
"model": "raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.2.23"
},
{
"model": "raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.1"
},
{
"model": "raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.2.20"
},
{
"model": "raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.2.15"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14091"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005518"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-247"
},
{
"db": "NVD",
"id": "CVE-2013-2751"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:raidiator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_1500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_2100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_3100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_3200",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_4200",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_nvx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_pro",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_pro_2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_pro_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_pro_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_ultra_2%2Fplus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_ultra_4%2Fplus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_ultra_6%2Fplus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005518"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Craig Young",
"sources": [
{
"db": "BID",
"id": "62059"
},
{
"db": "PACKETSTORM",
"id": "123726"
}
],
"trust": 0.4
},
"cve": "CVE-2013-2751",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2013-2751",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.8,
"id": "CNVD-2013-14091",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-62753",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-2751",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-2751",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2013-14091",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201312-247",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-62753",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14091"
},
{
"db": "VULHUB",
"id": "VHN-62753"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005518"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-247"
},
{
"db": "NVD",
"id": "CVE-2013-2751"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the \"forgot password workflow.\". NetGear RAIDiator is a direct-hanging storage device based on Linux and debian-sparc platforms. A cross-site request forgery vulnerability exists in NetGear RAIDiator. Allow remote attackers to perform certain administrative actions. Other attacks are also possible. \nFollowing are vulnerable:\nRAIDiator versions prior to 4.1.12 running on SPARC\nRAIDiator-x86 versions prior to 4.2.24. There is an eval injection vulnerability in the FrontViewWeb interface in NETGEAR ReadyNAS RAIDiator 4.1 and 4.2.23 and earlier versions. The vulnerability is caused by the frontview/lib/np_handler.pl script not filtering the input submitted by the user",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2751"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005518"
},
{
"db": "CNVD",
"id": "CNVD-2013-14091"
},
{
"db": "BID",
"id": "62059"
},
{
"db": "VULHUB",
"id": "VHN-62753"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-62753",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62753"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2751",
"trust": 3.5
},
{
"db": "PACKETSTORM",
"id": "123726",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "98826",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "29815",
"trust": 1.7
},
{
"db": "BID",
"id": "62059",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005518",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201312-247",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-14091",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "124169",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-83294",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-62753",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14091"
},
{
"db": "VULHUB",
"id": "VHN-62753"
},
{
"db": "BID",
"id": "62059"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005518"
},
{
"db": "PACKETSTORM",
"id": "123726"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-247"
},
{
"db": "NVD",
"id": "CVE-2013-2751"
}
]
},
"id": "VAR-201312-0100",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14091"
},
{
"db": "VULHUB",
"id": "VHN-62753"
}
],
"trust": 1.31904765
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14091"
}
]
},
"last_update_date": "2024-08-14T13:48:20.637000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.netgear.com/"
},
{
"title": "RAIDiator 4.2.24 (x86)",
"trust": 0.8,
"url": "http://www.readynas.com/?p=7002"
},
{
"title": "Patch for NetGear RAIDiator Cross-Site Request Forgery Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/40540"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14091"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005518"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62753"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005518"
},
{
"db": "NVD",
"id": "CVE-2013-2751"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
},
{
"trust": 1.7,
"url": "http://www.exploit-db.com/exploits/29815"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/123726/netgear-readynas-complete-system-takeover.html"
},
{
"trust": 1.7,
"url": "http://www.readynas.com/?p=7002"
},
{
"trust": 1.7,
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/98826"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2751"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2751"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/62059"
},
{
"trust": 0.6,
"url": "http-request/"
},
{
"trust": 0.6,
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-"
},
{
"trust": 0.3,
"url": "http://www.netgear.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2751"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14091"
},
{
"db": "VULHUB",
"id": "VHN-62753"
},
{
"db": "BID",
"id": "62059"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005518"
},
{
"db": "PACKETSTORM",
"id": "123726"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-247"
},
{
"db": "NVD",
"id": "CVE-2013-2751"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-14091"
},
{
"db": "VULHUB",
"id": "VHN-62753"
},
{
"db": "BID",
"id": "62059"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005518"
},
{
"db": "PACKETSTORM",
"id": "123726"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-247"
},
{
"db": "NVD",
"id": "CVE-2013-2751"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14091"
},
{
"date": "2013-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-62753"
},
{
"date": "2013-07-05T00:00:00",
"db": "BID",
"id": "62059"
},
{
"date": "2013-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005518"
},
{
"date": "2013-10-23T00:00:17",
"db": "PACKETSTORM",
"id": "123726"
},
{
"date": "2013-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-247"
},
{
"date": "2013-12-12T18:55:10.807000",
"db": "NVD",
"id": "CVE-2013-2751"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14091"
},
{
"date": "2019-07-18T00:00:00",
"db": "VULHUB",
"id": "VHN-62753"
},
{
"date": "2013-11-26T07:56:00",
"db": "BID",
"id": "62059"
},
{
"date": "2013-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005518"
},
{
"date": "2019-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-247"
},
{
"date": "2019-07-18T12:27:13.893000",
"db": "NVD",
"id": "CVE-2013-2751"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-247"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR ReadyNAS RAIDiator of FrontView Web Any in the interface Perl Code execution vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005518"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-247"
}
],
"trust": 0.6
}
}
var-201312-0099
Vulnerability from variot
Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users. NetGear RAIDiator is a direct-hanging storage device based on Linux and debian-sparc platforms. There is a command injection vulnerability in NetGear RAIDiator. An attacker can exploit the vulnerability to execute arbitrary shell commands with root privileges. Other attacks are also possible. Following are vulnerable: RAIDiator versions prior to 4.1.12 running on SPARC RAIDiator-x86 versions prior to 4.2.24
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201312-0099",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "raidiator",
"scope": "gte",
"trust": 1.0,
"vendor": "netgear",
"version": "4.2"
},
{
"model": "raidiator",
"scope": "gte",
"trust": 1.0,
"vendor": "netgear",
"version": "4.1"
},
{
"model": "raidiator",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "4.2.24"
},
{
"model": "raidiator",
"scope": "lt",
"trust": 1.0,
"vendor": "netgear",
"version": "4.1.12"
},
{
"model": "readynas ultra 2/plus",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas 2100",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "raidiator",
"scope": "eq",
"trust": 0.8,
"vendor": "net gear",
"version": "4.2.24"
},
{
"model": "readynas pro 4",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas 3200",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas pro 6",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas 4200",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "raidiator",
"scope": "lt",
"trust": 0.8,
"vendor": "net gear",
"version": "4.2.x"
},
{
"model": "readynas pro",
"scope": "eq",
"trust": 0.8,
"vendor": "net gear",
"version": "pioneer edition"
},
{
"model": "readynas nvx",
"scope": "eq",
"trust": 0.8,
"vendor": "net gear",
"version": "pioneer edition"
},
{
"model": "readynas 1500",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas ultra 4/plus",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas nvx",
"scope": "eq",
"trust": 0.8,
"vendor": "net gear",
"version": "none"
},
{
"model": "readynas pro",
"scope": "eq",
"trust": 0.8,
"vendor": "net gear",
"version": "business edition"
},
{
"model": "readynas ultra 6/plus",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas 3100",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas pro 2",
"scope": null,
"trust": 0.8,
"vendor": "net gear",
"version": null
},
{
"model": "readynas raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.1.11"
},
{
"model": "readynas raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.2.23"
},
{
"model": "raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.2.23"
},
{
"model": "raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.1"
},
{
"model": "raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.2.20"
},
{
"model": "raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "4.2.15"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14090"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005519"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-248"
},
{
"db": "NVD",
"id": "CVE-2013-2752"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:netgear:raidiator",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_1500",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_2100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_3100",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_3200",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_4200",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_nvx",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_pro",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_pro_2",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_pro_4",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_pro_6",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_ultra_2%2Fplus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_ultra_4%2Fplus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:netgear:readynas_ultra_6%2Fplus",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005519"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Craig Young",
"sources": [
{
"db": "BID",
"id": "62059"
},
{
"db": "PACKETSTORM",
"id": "123726"
}
],
"trust": 0.4
},
"cve": "CVE-2013-2752",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2013-2752",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-14090",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-62754",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-2752",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-2752",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2013-14090",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201312-248",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-62754",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14090"
},
{
"db": "VULHUB",
"id": "VHN-62754"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005519"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-248"
},
{
"db": "NVD",
"id": "CVE-2013-2752"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users. NetGear RAIDiator is a direct-hanging storage device based on Linux and debian-sparc platforms. There is a command injection vulnerability in NetGear RAIDiator. An attacker can exploit the vulnerability to execute arbitrary shell commands with root privileges. Other attacks are also possible. \nFollowing are vulnerable:\nRAIDiator versions prior to 4.1.12 running on SPARC\nRAIDiator-x86 versions prior to 4.2.24",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-2752"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005519"
},
{
"db": "CNVD",
"id": "CNVD-2013-14090"
},
{
"db": "BID",
"id": "62059"
},
{
"db": "VULHUB",
"id": "VHN-62754"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-2752",
"trust": 3.5
},
{
"db": "OSVDB",
"id": "98825",
"trust": 1.7
},
{
"db": "BID",
"id": "62059",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005519",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201312-248",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-14090",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-62754",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "123726",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14090"
},
{
"db": "VULHUB",
"id": "VHN-62754"
},
{
"db": "BID",
"id": "62059"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005519"
},
{
"db": "PACKETSTORM",
"id": "123726"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-248"
},
{
"db": "NVD",
"id": "CVE-2013-2752"
}
]
},
"id": "VAR-201312-0099",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14090"
},
{
"db": "VULHUB",
"id": "VHN-62754"
}
],
"trust": 1.31904765
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14090"
}
]
},
"last_update_date": "2024-08-14T13:48:20.677000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.netgear.com/"
},
{
"title": "RAIDiator 4.2.24 (x86)",
"trust": 0.8,
"url": "http://www.readynas.com/?p=7002"
},
{
"title": "Patch for NetGear RAIDiator command injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/40541"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14090"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005519"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-62754"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005519"
},
{
"db": "NVD",
"id": "CVE-2013-2752"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-http-request/"
},
{
"trust": 1.7,
"url": "http://www.readynas.com/?p=7002"
},
{
"trust": 1.7,
"url": "http://www.tripwire.com/register/security-advisory-netgear-readynas/"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/98825"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2752"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2752"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/62059"
},
{
"trust": 0.6,
"url": "http-request/"
},
{
"trust": 0.6,
"url": "http://www.tripwire.com/state-of-security/vulnerability-management/readynas-flaw-allows-root-access-unauthenticated-"
},
{
"trust": 0.3,
"url": "http://www.netgear.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2752"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-2751"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-14090"
},
{
"db": "VULHUB",
"id": "VHN-62754"
},
{
"db": "BID",
"id": "62059"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005519"
},
{
"db": "PACKETSTORM",
"id": "123726"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-248"
},
{
"db": "NVD",
"id": "CVE-2013-2752"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-14090"
},
{
"db": "VULHUB",
"id": "VHN-62754"
},
{
"db": "BID",
"id": "62059"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005519"
},
{
"db": "PACKETSTORM",
"id": "123726"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-248"
},
{
"db": "NVD",
"id": "CVE-2013-2752"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14090"
},
{
"date": "2013-12-12T00:00:00",
"db": "VULHUB",
"id": "VHN-62754"
},
{
"date": "2013-07-05T00:00:00",
"db": "BID",
"id": "62059"
},
{
"date": "2013-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005519"
},
{
"date": "2013-10-23T00:00:17",
"db": "PACKETSTORM",
"id": "123726"
},
{
"date": "2013-12-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-248"
},
{
"date": "2013-12-12T18:55:10.837000",
"db": "NVD",
"id": "CVE-2013-2752"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-10-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-14090"
},
{
"date": "2019-07-18T00:00:00",
"db": "VULHUB",
"id": "VHN-62754"
},
{
"date": "2013-11-26T07:56:00",
"db": "BID",
"id": "62059"
},
{
"date": "2013-12-17T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005519"
},
{
"date": "2019-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-248"
},
{
"date": "2019-07-18T12:27:19.160000",
"db": "NVD",
"id": "CVE-2013-2752"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-248"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NETGEAR ReadyNAS RAIDiator of frontview/lib/np_handler.pl Vulnerable to cross-site request forgery",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005519"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-248"
}
],
"trust": 0.6
}
}
var-201309-0590
Vulnerability from variot
NetGear RAIDiator is a direct-hanging storage device based on Linux and debian-sparc platforms. There are several security vulnerabilities in NetGear RAIDiator: 1. There are many unspecified errors in the CIFS service. 2. There are multiple unspecified errors in the DLNA service. 3. There are several unspecified errors in the iTunes service. 4, Frontview has multiple unspecified errors. No detailed vulnerability details are currently available.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201309-0590",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "raidiator",
"scope": "eq",
"trust": 0.6,
"vendor": "netgear",
"version": "2.x"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12711"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2013-12711",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2013-12711",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12711"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NetGear RAIDiator is a direct-hanging storage device based on Linux and debian-sparc platforms. There are several security vulnerabilities in NetGear RAIDiator: 1. There are many unspecified errors in the CIFS service. 2. There are multiple unspecified errors in the DLNA service. 3. There are several unspecified errors in the iTunes service. 4, Frontview has multiple unspecified errors. No detailed vulnerability details are currently available.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12711"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "54467",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "54590",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2013-12711",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12711"
}
]
},
"id": "VAR-201309-0590",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12711"
}
],
"trust": 1.1714286
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12711"
}
]
},
"last_update_date": "2022-05-17T02:08:09.621000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "NetGear RAIDiator has multiple patches for unknown vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/39255"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12711"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 0.6,
"url": "http://kb.netgear.com/app/answers/detail/a_id/23714"
},
{
"trust": 0.6,
"url": "http://kb.netgear.com/app/answers/detail/a_id/23713"
},
{
"trust": 0.6,
"url": "http://www.secunia.com/advisories/54590/"
},
{
"trust": 0.6,
"url": "http://www.secunia.com/advisories/54467/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12711"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-12711"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12711"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-09-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-12711"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "There are multiple unspecified vulnerabilities in NetGear RAIDiator",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-12711"
}
],
"trust": 0.6
}
}