cvelistv5 - cve-2017-2186

CVE-2017-2186 (GCVE-0-2017-2186)

Vulnerability from cvelistv5

Published

2017-07-07 13:00

Modified

2024-08-05 13:48

Severity ?

CWE

Authentication bypass

Summary

HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI.

References

URL

	Vendor	Product	Version
	KDDI CORPORATION	HOME SPOT CUBE2	Version: firmware V101 and earlier

cnvd-2017-14892

Vulnerability from cnvd

Title

KDDI HOME SPOT CUBE2 WebUI身份验证绕过漏洞

Description

KDDI HOME SPOT CUBE是日本KDDI公司的一款家庭无线路由器产品。WebUI是其中的一个图形用户界面。使用101及之前版本固件的KDDI HOME SPOT CUBE2中的WebUI中存在身份验证绕过漏洞。攻击者可利用该漏洞绕过身份验证，执行未授权的操作。

Severity

低

Patch Name

KDDI HOME SPOT CUBE2 WebUI身份验证绕过漏洞的补丁

Patch Description

KDDI HOME SPOT CUBE是日本KDDI公司的一款家庭无线路由器产品。WebUI是其中的一个图形用户界面。使用101及之前版本固件的KDDI HOME SPOT CUBE2中的WebUI中存在身份验证绕过漏洞。攻击者可利用该漏洞绕过身份验证，执行未授权的操作。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，详情请关注厂商主页： http://www.kddi.com/english/

Reference

http://jvn.jp/en/jp/JVN24348065/

Impacted products

Name
KDDI HOME SPOT CUBE2 <=V101

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-2186"
    }
  },
  "description": "KDDI HOME SPOT CUBE\u662f\u65e5\u672cKDDI\u516c\u53f8\u7684\u4e00\u6b3e\u5bb6\u5ead\u65e0\u7ebf\u8def\u7531\u5668\u4ea7\u54c1\u3002WebUI\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u56fe\u5f62\u7528\u6237\u754c\u9762\u3002\r\n\r\n\u4f7f\u7528101\u53ca\u4e4b\u524d\u7248\u672c\u56fa\u4ef6\u7684KDDI HOME SPOT CUBE2\u4e2d\u7684WebUI\u4e2d\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\uff0c\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c\u3002",
  "discovererName": "Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc.",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttp://www.kddi.com/english/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-14892",
  "openTime": "2017-07-17",
  "patchDescription": "KDDI HOME SPOT CUBE\u662f\u65e5\u672cKDDI\u516c\u53f8\u7684\u4e00\u6b3e\u5bb6\u5ead\u65e0\u7ebf\u8def\u7531\u5668\u4ea7\u54c1\u3002WebUI\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u56fe\u5f62\u7528\u6237\u754c\u9762\u3002\r\n\r\n\u4f7f\u7528101\u53ca\u4e4b\u524d\u7248\u672c\u56fa\u4ef6\u7684KDDI HOME SPOT CUBE2\u4e2d\u7684WebUI\u4e2d\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u8eab\u4efd\u9a8c\u8bc1\uff0c\u6267\u884c\u672a\u6388\u6743\u7684\u64cd\u4f5c\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "KDDI HOME SPOT CUBE2 WebUI\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "KDDI HOME SPOT CUBE2 \u003c=\u200bV101"
  },
  "referenceLink": "http://jvn.jp/en/jp/JVN24348065/",
  "serverity": "\u4f4e",
  "submitTime": "2017-06-21",
  "title": "KDDI HOME SPOT CUBE2 WebUI\u8eab\u4efd\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e"
}

cve-2017-2186

Vulnerability from jvndb

Published

2017-06-21 13:45

Modified

2018-02-14 11:59

Severity ?

6.5 (Medium) - cvssV3_0 - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

HOME SPOT CUBE2 vulnerable to improper authentication in WebUI

Details

HOME SPOT CUBE2 provided by KDDI CORPORATION is a wireless LAN router. HOME SPOT CUBE2 contains improper authentication in WebUI. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN24348065/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2186
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-2186
	Permissions(CWE-264)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

KDDI

HOME SPOT CUBE2 firmware

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000138.html",
  "dc:date": "2018-02-14T11:59+09:00",
  "dcterms:issued": "2017-06-21T13:45+09:00",
  "dcterms:modified": "2018-02-14T11:59+09:00",
  "description": "HOME SPOT CUBE2 provided by KDDI CORPORATION is a wireless LAN router. HOME SPOT CUBE2 contains improper authentication in WebUI.\r\n\r\nTaizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000138.html",
  "sec:cpe": {
    "#text": "cpe:/o:kddi:home_spot_cube_2_firmware",
    "@product": "HOME SPOT CUBE2 firmware",
    "@vendor": "KDDI",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "3.3",
      "@severity": "Low",
      "@type": "Base",
      "@vector": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
      "@version": "2.0"
    },
    {
      "@score": "6.5",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2017-000138",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN24348065/index.html",
      "@id": "JVN#24348065",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2186",
      "@id": "CVE-2017-2186",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-2186",
      "@id": "CVE-2017-2186",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-264",
      "@title": "Permissions(CWE-264)"
    }
  ],
  "title": "HOME SPOT CUBE2 vulnerable to improper authentication in WebUI"
}

fkie_cve-2017-2186

Vulnerability from fkie_nvd

Published

2017-07-07 13:29

Modified

2025-04-20 01:37

Severity ?

8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI.

References

URL	Tags
vultures@jpcert.or.jp	http://jvn.jp/en/jp/JVN24348065/index.html	Third Party Advisory, VDB Entry
vultures@jpcert.or.jp	http://www.securityfocus.com/bid/99282	Third Party Advisory, VDB Entry
vultures@jpcert.or.jp	https://www.au.com/information/notice_mobile/update/update-20170612-01/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN24348065/index.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99282	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.au.com/information/notice_mobile/update/update-20170612-01/	Vendor Advisory

Impacted products

Vendor	Product	Version
kddi	home_spot_cube_2_firmware	v100
kddi	home_spot_cube_2_firmware	v101
kddi	home_spot_cube_2	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:kddi:home_spot_cube_2_firmware:v100:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD41B8B-D43A-466D-B994-B6B7AE8554DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:kddi:home_spot_cube_2_firmware:v101:*:*:*:*:*:*:*",
              "matchCriteriaId": "2957E610-4807-4EA0-9242-B4F693E222F1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:kddi:home_spot_cube_2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "330A6D16-3BBA-4D46-B7C1-17C08C8373D5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI."
    },
    {
      "lang": "es",
      "value": "HOME SPOT CUBE2 con firmware V101 y anteriores permite que un atacante omita la autenticaci\u00f3n para cargar firmware malicioso mediante la interfaz de usuario web."
    }
  ],
  "id": "CVE-2017-2186",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 8.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-07-07T13:29:00.413",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://jvn.jp/en/jp/JVN24348065/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99282"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://jvn.jp/en/jp/JVN24348065/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99282"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-201707-0414

Vulnerability from variot

HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI. HOME SPOT CUBE2 provided by KDDI CORPORATION is a wireless LAN router. HOME SPOT CUBE2 contains improper authentication in WebUI. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Firmware may be altered by an attacker who can access the management screen of the product. The WebUI is one of the graphical user interfaces. An attacker could exploit the vulnerability to bypass authentication and perform unauthorized operations. Multiple remote command injection vulnerabilities 2. A buffer-overflow vulnerability 3. Other attacks may also be possible

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201707-0414",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "home spot cube 2",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "kddi",
        "version": "v100"
      },
      {
        "model": "home spot cube 2",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "kddi",
        "version": "v101"
      },
      {
        "model": "home spot cube2",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "kddi",
        "version": "v101"
      },
      {
        "model": "home spot cube2",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "kddi",
        "version": "\u003c=v101"
      },
      {
        "model": "home spot cube",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "kddi",
        "version": "101"
      },
      {
        "model": "home spot cube",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "kddi",
        "version": "102"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14892"
      },
      {
        "db": "BID",
        "id": "99282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-1113"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2186"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:kddi:home_spot_cube_2_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc.",
    "sources": [
      {
        "db": "BID",
        "id": "99282"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-1113"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2017-2186",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.5,
            "id": "CVE-2017-2186",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.1,
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Adjacent Network",
            "authentication": "None",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 3.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2017-000138",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CNVD-2017-14892",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 6.5,
            "id": "VHN-110389",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2017-2186",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Adjacent Network",
            "author": "IPA",
            "availabilityImpact": "None",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "JVNDB-2017-000138",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-2186",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "IPA",
            "id": "JVNDB-2017-000138",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-14892",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201706-1113",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-110389",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2017-2186",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14892"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110389"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-2186"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-1113"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2186"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI. HOME SPOT CUBE2 provided by KDDI CORPORATION is a wireless LAN router. HOME SPOT CUBE2 contains improper authentication in WebUI. Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Firmware may be altered by an attacker who can access the management screen of the product. The WebUI is one of the graphical user interfaces. An attacker could exploit the vulnerability to bypass authentication and perform unauthorized operations. Multiple remote command injection vulnerabilities\n2. A buffer-overflow vulnerability\n3. Other attacks  may also be possible",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-2186"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14892"
      },
      {
        "db": "BID",
        "id": "99282"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110389"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-2186"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "JVN",
        "id": "JVN24348065",
        "trust": 3.5
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2186",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "99282",
        "trust": 2.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-000138",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-1113",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-14892",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-110389",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-2186",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14892"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110389"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-2186"
      },
      {
        "db": "BID",
        "id": "99282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-1113"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2186"
      }
    ]
  },
  "id": "VAR-201707-0414",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14892"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110389"
      }
    ],
    "trust": 1.45
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14892"
      }
    ]
  },
  "last_update_date": "2024-11-23T22:12:59.024000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "About Firmware update for HOME SPOT CUBE2",
        "trust": 0.8,
        "url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
      },
      {
        "title": "KDDIHOMESPOTCUBE2WebUI authentication bypass vulnerability patch",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/98209"
      },
      {
        "title": "KDDI HOME SPOT CUBE2 Remediation measures for authorization problem vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71312"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14892"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-1113"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-287",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-264",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-110389"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2186"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.9,
        "url": "http://jvn.jp/en/jp/jvn24348065/index.html"
      },
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/99282"
      },
      {
        "trust": 1.8,
        "url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2186"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-2186"
      },
      {
        "trust": 0.6,
        "url": "http://jvn.jp/en/jp/jvn24348065/"
      },
      {
        "trust": 0.3,
        "url": "http://www.kddi.com/english/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/287.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14892"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110389"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-2186"
      },
      {
        "db": "BID",
        "id": "99282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-1113"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2186"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-14892"
      },
      {
        "db": "VULHUB",
        "id": "VHN-110389"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-2186"
      },
      {
        "db": "BID",
        "id": "99282"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-1113"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-2186"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-14892"
      },
      {
        "date": "2017-07-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110389"
      },
      {
        "date": "2017-07-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-2186"
      },
      {
        "date": "2017-06-22T00:00:00",
        "db": "BID",
        "id": "99282"
      },
      {
        "date": "2017-06-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      },
      {
        "date": "2017-06-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201706-1113"
      },
      {
        "date": "2017-07-07T13:29:00.413000",
        "db": "NVD",
        "id": "CVE-2017-2186"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-14892"
      },
      {
        "date": "2017-07-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-110389"
      },
      {
        "date": "2017-07-14T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-2186"
      },
      {
        "date": "2017-06-22T00:00:00",
        "db": "BID",
        "id": "99282"
      },
      {
        "date": "2018-02-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      },
      {
        "date": "2017-07-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201706-1113"
      },
      {
        "date": "2024-11-21T03:23:03.447000",
        "db": "NVD",
        "id": "CVE-2017-2186"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "specific network environment",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-1113"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "HOME SPOT CUBE2 vulnerable to improper authentication in WebUI",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-000138"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "authorization issue",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-1113"
      }
    ],
    "trust": 0.6
  }
}

ghsa-5cmp-hg8h-m2f5

Vulnerability from github

Published

2022-05-17 02:29

Modified

2025-04-20 03:40

Severity ?

8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-2186"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-07-07T13:29:00Z",
    "severity": "HIGH"
  },
  "details": "HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI.",
  "id": "GHSA-5cmp-hg8h-m2f5",
  "modified": "2025-04-20T03:40:25Z",
  "published": "2022-05-17T02:29:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2186"
    },
    {
      "type": "WEB",
      "url": "https://www.au.com/information/notice_mobile/update/update-20170612-01"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN24348065/index.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/99282"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

gsd-2017-2186

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI.

Aliases

CVE-2017-2186

Aliases

CVE-2017-2186

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-2186",
    "description": "HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI.",
    "id": "GSD-2017-2186"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-2186"
      ],
      "details": "HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI.",
      "id": "GSD-2017-2186",
      "modified": "2023-12-13T01:21:06.143486Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vultures@jpcert.or.jp",
        "ID": "CVE-2017-2186",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "HOME SPOT CUBE2",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "firmware V101 and earlier"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "KDDI CORPORATION"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Authentication bypass"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.au.com/information/notice_mobile/update/update-20170612-01/",
            "refsource": "CONFIRM",
            "url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
          },
          {
            "name": "99282",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/99282"
          },
          {
            "name": "JVN#24348065",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN24348065/index.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:kddi:home_spot_cube_2_firmware:v101:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:kddi:home_spot_cube_2_firmware:v100:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:kddi:home_spot_cube_2:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2017-2186"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-287"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.au.com/information/notice_mobile/update/update-20170612-01/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.au.com/information/notice_mobile/update/update-20170612-01/"
            },
            {
              "name": "JVN#24348065",
              "refsource": "JVN",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://jvn.jp/en/jp/JVN24348065/index.html"
            },
            {
              "name": "99282",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/99282"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 8.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2017-07-14T15:50Z",
      "publishedDate": "2017-07-07T13:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2017-2186 (GCVE-0-2017-2186)

Vulnerability from cvelistv5

cnvd-2017-14892

Vulnerability from cnvd

cve-2017-2186

Vulnerability from jvndb

fkie_cve-2017-2186

Vulnerability from fkie_nvd

var-201707-0414

Vulnerability from variot

ghsa-5cmp-hg8h-m2f5

Vulnerability from github

gsd-2017-2186

Vulnerability from gsd

Tags

Sightings

Nomenclature