VAR-200106-0211
Vulnerability from variot - Updated: 2023-12-18 12:33Cayman 3220-H DSL Router 1.0 ship without a password set, which allows remote attackers to gain unauthorized access. Cayman gateways ship without a default password on the admin and user accounts. As long as the gateway is not addressable via the WAN, this can only be accessed and set by anyone on the LAN side. With admin access, the gateway settings can be configured by an intruder. This could facilitate remote denials of service, as well as potentially allowing further compromises of the network served by the router
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200106-0211",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "3220-h dsl router",
"scope": "eq",
"trust": 1.9,
"vendor": "cayman",
"version": "1.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cayman",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#557136"
},
{
"db": "BID",
"id": "3017"
},
{
"db": "NVD",
"id": "CVE-2001-1430"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-060"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cayman:3220-h_dsl_router:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1430"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Reported to bugtraq by Russell Handorf \u003crhandorf@mail.russells-world.com\u003e on July 11, 2001.",
"sources": [
{
"db": "BID",
"id": "3017"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-060"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1430",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4234",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2001-1430",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#557136",
"trust": 0.8,
"value": "45.00"
},
{
"author": "CNNVD",
"id": "CNNVD-200106-060",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4234",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#557136"
},
{
"db": "VULHUB",
"id": "VHN-4234"
},
{
"db": "NVD",
"id": "CVE-2001-1430"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-060"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cayman 3220-H DSL Router 1.0 ship without a password set, which allows remote attackers to gain unauthorized access. Cayman gateways ship without a default password on the admin and user accounts. As long as the gateway is not addressable via the WAN, this can only be accessed and set by anyone on the LAN side. With admin access, the gateway settings can be configured by an intruder. This could facilitate remote denials of service, as well as potentially allowing further compromises of the network served by the router",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1430"
},
{
"db": "CERT/CC",
"id": "VU#557136"
},
{
"db": "BID",
"id": "3017"
},
{
"db": "VULHUB",
"id": "VHN-4234"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#557136",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2001-1430",
"trust": 2.0
},
{
"db": "BID",
"id": "3017",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200106-060",
"trust": 0.7
},
{
"db": "XF",
"id": "6841",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20010711 CAYMAN STRIKES AGAIN",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "HTTP://WWW.KB.CERT.ORG/VULS/ID/JARL-4ZTKY9",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4234",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#557136"
},
{
"db": "VULHUB",
"id": "VHN-4234"
},
{
"db": "BID",
"id": "3017"
},
{
"db": "NVD",
"id": "CVE-2001-1430"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-060"
}
]
},
"id": "VAR-200106-0211",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4234"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:33:19.085000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1430"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/3017"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/196083"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/557136"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/jarl-4ztky9"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6841"
},
{
"trust": 0.8,
"url": "about vulnerability notes"
},
{
"trust": 0.8,
"url": "contact us about this vulnerability"
},
{
"trust": 0.8,
"url": "provide a vendor statement"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/6841"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#557136"
},
{
"db": "VULHUB",
"id": "VHN-4234"
},
{
"db": "NVD",
"id": "CVE-2001-1430"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-060"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#557136"
},
{
"db": "VULHUB",
"id": "VHN-4234"
},
{
"db": "BID",
"id": "3017"
},
{
"db": "NVD",
"id": "CVE-2001-1430"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-060"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-08-27T00:00:00",
"db": "CERT/CC",
"id": "VU#557136"
},
{
"date": "2001-06-11T00:00:00",
"db": "VULHUB",
"id": "VHN-4234"
},
{
"date": "2001-07-11T00:00:00",
"db": "BID",
"id": "3017"
},
{
"date": "2001-06-11T04:00:00",
"db": "NVD",
"id": "CVE-2001-1430"
},
{
"date": "2001-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200106-060"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-08-27T00:00:00",
"db": "CERT/CC",
"id": "VU#557136"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-4234"
},
{
"date": "2009-07-11T06:56:00",
"db": "BID",
"id": "3017"
},
{
"date": "2017-07-11T01:29:06.743000",
"db": "NVD",
"id": "CVE-2001-1430"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200106-060"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200106-060"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cayman-DSL Router Insecure Default Account Vulnerability",
"sources": [
{
"db": "BID",
"id": "3017"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-060"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Configuration Error",
"sources": [
{
"db": "BID",
"id": "3017"
},
{
"db": "CNNVD",
"id": "CNNVD-200106-060"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…