cvelistv5 - CVE-2015-6016

CVE-2015-6016 (GCVE-0-2015-6016)

Vulnerability from cvelistv5

Published

2015-12-31 02:00

Modified

2024-08-06 07:06

Severity ?

CWE

Summary

References

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

gsd-2015-6016

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2015-6016

Aliases

CVE-2015-6016

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-6016",
    "description": "ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors.",
    "id": "GSD-2015-6016"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-6016"
      ],
      "details": "ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors.",
      "id": "GSD-2015-6016",
      "modified": "2023-12-13T01:20:04.033682Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cert@cert.org",
        "ID": "CVE-2015-6016",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1034554",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034554"
          },
          {
            "name": "1034553",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034553"
          },
          {
            "name": "1034552",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034552"
          },
          {
            "name": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R",
            "refsource": "CONFIRM",
            "url": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R"
          },
          {
            "name": "VU#870744",
            "refsource": "CERT-VN",
            "url": "https://www.kb.cert.org/vuls/id/870744"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:zyxel:nbg-418n:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zyxel:p-660hw-t1_2:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zyxel:zynos_firmware:3.40\\(axh.0\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:zyxel:pmg5318-b20a_firmware:v100aanc0b5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2015-6016"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-255"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#870744",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.kb.cert.org/vuls/id/870744"
            },
            {
              "name": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R"
            },
            {
              "name": "1034553",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1034553"
            },
            {
              "name": "1034552",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1034552"
            },
            {
              "name": "1034554",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1034554"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH"
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2016-12-07T18:17Z",
      "publishedDate": "2015-12-31T05:59Z"
    }
  }
}

ghsa-666f-pfx4-5gvf

Vulnerability from github

Published

2022-05-17 03:27

Modified

2022-05-17 03:27

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2015-6016"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2015-12-31T05:59:00Z",
    "severity": "CRITICAL"
  },
  "details": "ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors.",
  "id": "GHSA-666f-pfx4-5gvf",
  "modified": "2022-05-17T03:27:03Z",
  "published": "2022-05-17T03:27:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-6016"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/870744"
    },
    {
      "type": "WEB",
      "url": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034552"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034553"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1034554"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors. Several models of ZyXEL routers are vulnerable to multiple issues, including weak default passwords, command injections due to improper input validation, and cross-site scripting. ZyXEL NBG-418N, PMG5318-B20A and P-660HW-T1 are products of ZyXEL Technology. Both NBG-418N and P-660HW-T1 are wireless broadband routers; PMG5318-B20A is a wireless switch product. There are security vulnerabilities in several ZyXEL routers. A remote attacker could exploit this vulnerability to modify the system configuration. An insecure default-password vulnerability 2. Multiple cross-site scripting vulnerabilities 3. A command-execution vulnerability 4. A security-bypass vulnerability 5. An authorization-bypass Successful exploits allow attacker-supplied HTML and script code to run in the context of the affected browser potentially allowing attackers to steal cookie-based authentication credentials, execute arbitrary commands, to gain unauthorized access and bypass security restrictions and perform unauthorized actions. There is a security vulnerability in ZyXEL P-660HW-T1 2 devices using ZyNOS 3.40(AXH.0) firmware, PMG5318-B20A devices and NBG-418N devices using 1.00AANC0b5 firmware. The vulnerability is caused by using '1234' as admin account password

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201512-0082",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "pmg5318-b20a",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "zyxel",
        "version": "v100aanc0b5"
      },
      {
        "model": "nbg-418n",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "zyxel",
        "version": null
      },
      {
        "model": "nbg-418n",
        "scope": null,
        "trust": 1.4,
        "vendor": "zyxel",
        "version": null
      },
      {
        "model": "zynos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "zyxel",
        "version": "3.40\\(axh.0\\)"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "zyxel",
        "version": null
      },
      {
        "model": "p-660hw-t1 v2",
        "scope": null,
        "trust": 0.8,
        "vendor": "zyxel",
        "version": null
      },
      {
        "model": "pmg5318-b20a",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "zyxel",
        "version": "1.00aanc0b5"
      },
      {
        "model": "zynos",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "zyxel",
        "version": "3.40(axh.0) (2007 year 3 moon 30 day ) (p660hw-t1 v2)"
      },
      {
        "model": "p-660hw-t1",
        "scope": null,
        "trust": 0.6,
        "vendor": "zyxel",
        "version": null
      },
      {
        "model": "pmg5318-b20a",
        "scope": null,
        "trust": 0.6,
        "vendor": "zyxel",
        "version": null
      },
      {
        "model": "p-660hw-t1 2",
        "scope": null,
        "trust": 0.6,
        "vendor": "zyxel",
        "version": null
      },
      {
        "model": "pmg5318-b20a v100aanc0b5",
        "scope": null,
        "trust": 0.3,
        "vendor": "zyxel",
        "version": null
      },
      {
        "model": "p-660hw-t1 3.40",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "zyxel",
        "version": "v2"
      },
      {
        "model": "nbg-418n",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "zyxel",
        "version": "0"
      },
      {
        "model": "pmg5318-b20a 1.00 c0",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "zyxel",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#870744"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-06900"
      },
      {
        "db": "BID",
        "id": "77077"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006593"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-349"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6016"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/h:zyxel:nbg-418n",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:zyxel:p-660hw-t1_v2",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:zyxel:pmg5318-b20a_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:zyxel:zynos_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006593"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Joel Land and Karn Ganeshen",
    "sources": [
      {
        "db": "BID",
        "id": "77077"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2015-6016",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2015-6016",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2015-06900",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-83977",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2015-6016",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2015-6016",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2015-6016",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2015-06900",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201510-349",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-83977",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-06900"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83977"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006593"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-349"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6016"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors. Several models of ZyXEL routers are vulnerable to multiple issues, including weak default passwords, command injections due to improper input validation, and cross-site scripting. ZyXEL NBG-418N, PMG5318-B20A and P-660HW-T1 are products of ZyXEL Technology. Both NBG-418N and P-660HW-T1 are wireless broadband routers; PMG5318-B20A is a wireless switch product. There are security vulnerabilities in several ZyXEL routers. A remote attacker could exploit this vulnerability to modify the system configuration. An insecure default-password vulnerability\n2. Multiple cross-site scripting vulnerabilities\n3. A command-execution vulnerability\n4. A security-bypass vulnerability\n5. An authorization-bypass\nSuccessful exploits allow attacker-supplied HTML and script code to run in the context of the affected browser potentially allowing attackers to steal cookie-based authentication credentials, execute arbitrary commands, to gain unauthorized access and bypass security restrictions and perform unauthorized actions. There is a security vulnerability in ZyXEL P-660HW-T1 2 devices using ZyNOS 3.40(AXH.0) firmware, PMG5318-B20A devices and NBG-418N devices using 1.00AANC0b5 firmware. The vulnerability is caused by using \u00271234\u0027 as admin account password",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2015-6016"
      },
      {
        "db": "CERT/CC",
        "id": "VU#870744"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006593"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-06900"
      },
      {
        "db": "BID",
        "id": "77077"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83977"
      }
    ],
    "trust": 3.24
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#870744",
        "trust": 4.2
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6016",
        "trust": 3.4
      },
      {
        "db": "SECTRACK",
        "id": "1034553",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1034552",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1034554",
        "trust": 1.1
      },
      {
        "db": "JVN",
        "id": "JVNVU97093739",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006593",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-349",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-06900",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "77077",
        "trust": 0.3
      },
      {
        "db": "VULHUB",
        "id": "VHN-83977",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#870744"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-06900"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83977"
      },
      {
        "db": "BID",
        "id": "77077"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006593"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-349"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6016"
      }
    ]
  },
  "id": "VAR-201512-0082",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-06900"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83977"
      }
    ],
    "trust": 1.2930356
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-06900"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:31:02.132000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "NBG-418N",
        "trust": 0.8,
        "url": "http://www.zyxel.com/support/SupportLandingSR.shtml?c=gb\u0026l=en\u0026kbid=M-01393\u0026md=NBG-418N"
      },
      {
        "title": "PMG5318-B20A",
        "trust": 0.8,
        "url": "http://www.zyxel.com/support/SupportLandingSR.shtml?c=gb\u0026l=en\u0026kbid=M-01700\u0026md=PMG5318-B20A"
      },
      {
        "title": "P-660HW-T1 v2",
        "trust": 0.8,
        "url": "http://www.zyxel.com/support/SupportLandingSR.shtml?c=gb\u0026l=en\u0026kbid=MD06084\u0026md=P-660HW-T1%20v2"
      },
      {
        "title": "ZyXEL Support Center - Latest Release",
        "trust": 0.8,
        "url": "http://www.zyxel.com/support/support_landing.shtml"
      },
      {
        "title": "DefaultPassword",
        "trust": 0.8,
        "url": "https://default-password.info/zyxel/"
      },
      {
        "title": "Patches for multiple ZyXEL router credential management vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/65620"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2015-06900"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006593"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-255",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-83977"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006593"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6016"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "https://www.kb.cert.org/vuls/id/870744"
      },
      {
        "trust": 1.9,
        "url": "https://www.kb.cert.org/vuls/id/bluu-9zqu2r"
      },
      {
        "trust": 1.5,
        "url": "http://www.zyxel.com/support/support_landing.shtml"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1034552"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1034553"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1034554"
      },
      {
        "trust": 0.8,
        "url": "about vulnerability notes"
      },
      {
        "trust": 0.8,
        "url": "contact us about this vulnerability"
      },
      {
        "trust": 0.8,
        "url": "provide a vendor statement"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6016"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/vu/jvnvu97093739/"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6016"
      },
      {
        "trust": 0.3,
        "url": "http://www.zyxel.com/th/th/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#870744"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-06900"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83977"
      },
      {
        "db": "BID",
        "id": "77077"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006593"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-349"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6016"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#870744"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2015-06900"
      },
      {
        "db": "VULHUB",
        "id": "VHN-83977"
      },
      {
        "db": "BID",
        "id": "77077"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2015-006593"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-349"
      },
      {
        "db": "NVD",
        "id": "CVE-2015-6016"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-10-13T00:00:00",
        "db": "CERT/CC",
        "id": "VU#870744"
      },
      {
        "date": "2015-10-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-06900"
      },
      {
        "date": "2015-12-31T00:00:00",
        "db": "VULHUB",
        "id": "VHN-83977"
      },
      {
        "date": "2015-10-13T00:00:00",
        "db": "BID",
        "id": "77077"
      },
      {
        "date": "2016-01-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006593"
      },
      {
        "date": "2015-10-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201510-349"
      },
      {
        "date": "2015-12-31T05:59:14.833000",
        "db": "NVD",
        "id": "CVE-2015-6016"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-10-29T00:00:00",
        "db": "CERT/CC",
        "id": "VU#870744"
      },
      {
        "date": "2015-10-28T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2015-06900"
      },
      {
        "date": "2016-12-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-83977"
      },
      {
        "date": "2015-10-13T00:00:00",
        "db": "BID",
        "id": "77077"
      },
      {
        "date": "2016-01-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2015-006593"
      },
      {
        "date": "2016-01-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201510-349"
      },
      {
        "date": "2024-11-21T02:34:18.167000",
        "db": "NVD",
        "id": "CVE-2015-6016"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-349"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ZyXEL NBG-418N, PMG5318-B20A and P-660HW-T1 routers contain multiple vulnerabilities",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#870744"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201510-349"
      }
    ],
    "trust": 0.6
  }
}

cnvd-2015-06900

Vulnerability from cnvd

Title

多款ZyXEL路由器凭据管理漏洞

Description

ZyXEL NBG-418N、PMG5318-B20A和P-660HW-T1都是合勤（ZyXEL）科技公司的产品。NBG-418N和P-660HW-T1都是无线宽频路由器；PMG5318-B20A是一款无线交换机产品。多款ZyXEL路由器中存在安全漏洞。远程攻击者可利用该漏洞修改系统配置。

Severity

高

Patch Name

多款ZyXEL路由器凭据管理漏洞的补丁

Patch Description

ZyXEL NBG-418N、PMG5318-B20A和P-660HW-T1都是合勤（ZyXEL）科技公司的产品。NBG-418N和P-660HW-T1都是无线宽频路由器；PMG5318-B20A是一款无线交换机产品。多款ZyXEL路由器中存在安全漏洞。远程攻击者可利用该漏洞修改系统配置。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.zyxel.com/

Reference

http://www.zyxel.com/support/support_landing.shtml http://www.kb.cert.org/vuls/id/870744

Impacted products

Name
['ZyXEL P-660HW-T1', 'ZyXEL PMG5318-B20A', 'ZyXEL NBG-418N']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-6016"
    }
  },
  "description": "ZyXEL NBG-418N\u3001PMG5318-B20A\u548cP-660HW-T1\u90fd\u662f\u5408\u52e4\uff08ZyXEL\uff09\u79d1\u6280\u516c\u53f8\u7684\u4ea7\u54c1\u3002NBG-418N\u548cP-660HW-T1\u90fd\u662f\u65e0\u7ebf\u5bbd\u9891\u8def\u7531\u5668\uff1bPMG5318-B20A\u662f\u4e00\u6b3e\u65e0\u7ebf\u4ea4\u6362\u673a\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eZyXEL\u8def\u7531\u5668\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4fee\u6539\u7cfb\u7edf\u914d\u7f6e\u3002",
  "discovererName": "ZyXEL",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://www.zyxel.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-06900",
  "openTime": "2015-10-28",
  "patchDescription": "ZyXEL NBG-418N\u3001PMG5318-B20A\u548cP-660HW-T1\u90fd\u662f\u5408\u52e4\uff08ZyXEL\uff09\u79d1\u6280\u516c\u53f8\u7684\u4ea7\u54c1\u3002NBG-418N\u548cP-660HW-T1\u90fd\u662f\u65e0\u7ebf\u5bbd\u9891\u8def\u7531\u5668\uff1bPMG5318-B20A\u662f\u4e00\u6b3e\u65e0\u7ebf\u4ea4\u6362\u673a\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eZyXEL\u8def\u7531\u5668\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4fee\u6539\u7cfb\u7edf\u914d\u7f6e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eZyXEL\u8def\u7531\u5668\u51ed\u636e\u7ba1\u7406\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "ZyXEL   P-660HW-T1",
      "ZyXEL   PMG5318-B20A",
      "ZyXEL   NBG-418N"
    ]
  },
  "referenceLink": "http://www.zyxel.com/support/support_landing.shtml\r\nhttp://www.kb.cert.org/vuls/id/870744",
  "serverity": "\u9ad8",
  "submitTime": "2015-10-23",
  "title": "\u591a\u6b3eZyXEL\u8def\u7531\u5668\u51ed\u636e\u7ba1\u7406\u6f0f\u6d1e"
}

fkie_cve-2015-6016

Vulnerability from fkie_nvd

Published

2015-12-31 05:59

Modified

2025-04-12 10:46

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cret@cert.org	http://www.securitytracker.com/id/1034552
cret@cert.org	http://www.securitytracker.com/id/1034553
cret@cert.org	http://www.securitytracker.com/id/1034554
cret@cert.org	https://www.kb.cert.org/vuls/id/870744	Third Party Advisory, US Government Resource
cret@cert.org	https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034552
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034553
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034554
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/870744	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R	Third Party Advisory, US Government Resource

Impacted products

Vendor	Product	Version
zyxel	nbg-418n	-
zyxel	p-660hw-t1_2	*
zyxel	zynos_firmware	3.40\(axh.0\)
zyxel	pmg5318-b20a_firmware	v100aanc0b5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:nbg-418n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2A2E02E-9CDF-42B1-922E-953F5783F9F5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zyxel:p-660hw-t1_2:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A954D198-9DA4-4749-8CD1-2D39D895C801",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:zynos_firmware:3.40\\(axh.0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8E5012AD-E11A-46D3-B832-0CF7BD794245",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zyxel:pmg5318-b20a_firmware:v100aanc0b5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2128415-3791-4EFC-8ED0-E31BBEBDFADF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Dispositivos ZyXEL P-660HW-T1 2 con firmware ZyNOS 3.40(AXH.0), dispositivos PMG5318-B20A con firmware 1.00AANC0b5 y dispositivos NBG-418N tienen una contrase\u00f1a por defecto de 1234 para la cuenta de admin, lo que permite a atacantes remotos obtener acceso administrativo a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2015-6016",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2015-12-31T05:59:14.833",
  "references": [
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id/1034552"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id/1034553"
    },
    {
      "source": "cret@cert.org",
      "url": "http://www.securitytracker.com/id/1034554"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/870744"
    },
    {
      "source": "cret@cert.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034552"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034553"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/870744"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R"
    }
  ],
  "sourceIdentifier": "cret@cert.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2015-6016 (GCVE-0-2015-6016)

Vulnerability from cvelistv5

gsd-2015-6016

Vulnerability from gsd

ghsa-666f-pfx4-5gvf

Vulnerability from github

var-201512-0082

Vulnerability from variot

cnvd-2015-06900

Vulnerability from cnvd

fkie_cve-2015-6016

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature