VAR-201601-0405
Vulnerability from variot - Updated: 2023-12-18 12:06KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors. HOME SPOT CUBE provided by KDDI CORPORATION is a wireless LAN router. Masaki Yoshikawa of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An arbitrary administrative operation such as setting alteration may be executed. A security vulnerability exists in previous versions of KDDIHOMESPOTCUBE2. A remote attacker can exploit this vulnerability to execute arbitrary OS commands. KDDI Home Spot Cube is prone to the following security vulnerabilities: Cross-site scripting - CVE-2016-1136 Open redirect - CVE-2016-1137 HTTP header injection - CVE-2016-1138 Cross-site request forgery - CVE-2016-1139 Click jacking - CVE-2016-1140 OS command injection - CVE-2016-1141 Attackers can exploit these issues to execute arbitrary script or HTML code, steal cookie-based authentication credentials, or conduct phishing attacks, or inject arbitrary HTTP headers, or execute arbitrary OS commands in context of the affected application,or allow attackers to gain unauthorized access to the affected application or obtain sensitive information, and to to perform certain unauthorized actions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201601-0405",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "home spot cube",
"scope": "eq",
"trust": 1.6,
"vendor": "kddi",
"version": "2.0"
},
{
"model": "home spot cube devices",
"scope": "lt",
"trust": 1.2,
"vendor": "kddi",
"version": "2"
},
{
"model": "home spot cube",
"scope": null,
"trust": 0.8,
"vendor": "kddi",
"version": null
},
{
"model": "home spot cube",
"scope": "eq",
"trust": 0.3,
"vendor": "kddi",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00911"
},
{
"db": "CNVD",
"id": "CNVD-2016-00912"
},
{
"db": "BID",
"id": "81982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000011"
},
{
"db": "NVD",
"id": "CVE-2016-1140"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-693"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:kddi:home_spot_cube_firmware:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:kddi:home_spot_cube:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1140"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Masaki Yoshikawa",
"sources": [
{
"db": "BID",
"id": "81982"
}
],
"trust": 0.3
},
"cve": "CVE-2016-1140",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 2.6,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2016-000011",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2016-00911",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CNVD-2016-00912",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-89959",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2016-000011",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1140",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2016-000011",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-00911",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2016-00912",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201601-693",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-89959",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00911"
},
{
"db": "CNVD",
"id": "CNVD-2016-00912"
},
{
"db": "VULHUB",
"id": "VHN-89959"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000011"
},
{
"db": "NVD",
"id": "CVE-2016-1140"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-693"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors. HOME SPOT CUBE provided by KDDI CORPORATION is a wireless LAN router. Masaki Yoshikawa of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An arbitrary administrative operation such as setting alteration may be executed. A security vulnerability exists in previous versions of KDDIHOMESPOTCUBE2. A remote attacker can exploit this vulnerability to execute arbitrary OS commands. KDDI Home Spot Cube is prone to the following security vulnerabilities:\nCross-site scripting - CVE-2016-1136\nOpen redirect - CVE-2016-1137\nHTTP header injection - CVE-2016-1138\nCross-site request forgery - CVE-2016-1139\nClick jacking - CVE-2016-1140\nOS command injection - CVE-2016-1141\nAttackers can exploit these issues to execute arbitrary script or HTML code, steal cookie-based authentication credentials, or conduct phishing attacks, or inject arbitrary HTTP headers, or execute arbitrary OS commands in context of the affected application,or allow attackers to gain unauthorized access to the affected application or obtain sensitive information, and to to perform certain unauthorized actions",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1140"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000011"
},
{
"db": "CNVD",
"id": "CNVD-2016-00911"
},
{
"db": "CNVD",
"id": "CNVD-2016-00912"
},
{
"db": "BID",
"id": "81982"
},
{
"db": "VULHUB",
"id": "VHN-89959"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1140",
"trust": 4.0
},
{
"db": "JVN",
"id": "JVN54686544",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000011",
"trust": 2.5
},
{
"db": "BID",
"id": "81982",
"trust": 1.5
},
{
"db": "CNNVD",
"id": "CNNVD-201601-693",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2016-00911",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2016-00912",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-89959",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00911"
},
{
"db": "CNVD",
"id": "CNVD-2016-00912"
},
{
"db": "VULHUB",
"id": "VHN-89959"
},
{
"db": "BID",
"id": "81982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000011"
},
{
"db": "NVD",
"id": "CVE-2016-1140"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-693"
}
]
},
"id": "VAR-201601-0405",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00911"
},
{
"db": "CNVD",
"id": "CNVD-2016-00912"
},
{
"db": "VULHUB",
"id": "VHN-89959"
}
],
"trust": 2.3
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 1.2
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00911"
},
{
"db": "CNVD",
"id": "CNVD-2016-00912"
}
]
},
"last_update_date": "2023-12-18T12:06:17.174000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Notes on use of HOME SPOT CUBE",
"trust": 0.8,
"url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
},
{
"title": "KDDIHOMESPOTCUBEdevices has an unspecified vulnerability (CNVD-2016-00911) patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/71235"
},
{
"title": "KDDIHOMESPOTCUBEdevices has an unexplained patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/71234"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00911"
},
{
"db": "CNVD",
"id": "CNVD-2016-00912"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000011"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-254",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-89959"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000011"
},
{
"db": "NVD",
"id": "CVE-2016-1140"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://jvn.jp/en/jp/jvn54686544/index.html"
},
{
"trust": 2.0,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1140"
},
{
"trust": 2.0,
"url": "http://www.au.kddi.com/mobile/service/smartphone/wifi/homespot/#anc06"
},
{
"trust": 1.7,
"url": "http://jvndb.jvn.jp/jvndb/jvndb-2016-000011"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1140"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-00911"
},
{
"db": "CNVD",
"id": "CNVD-2016-00912"
},
{
"db": "VULHUB",
"id": "VHN-89959"
},
{
"db": "BID",
"id": "81982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000011"
},
{
"db": "NVD",
"id": "CVE-2016-1140"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-693"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-00911"
},
{
"db": "CNVD",
"id": "CNVD-2016-00912"
},
{
"db": "VULHUB",
"id": "VHN-89959"
},
{
"db": "BID",
"id": "81982"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-000011"
},
{
"db": "NVD",
"id": "CVE-2016-1140"
},
{
"db": "CNNVD",
"id": "CNNVD-201601-693"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00911"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00912"
},
{
"date": "2016-01-30T00:00:00",
"db": "VULHUB",
"id": "VHN-89959"
},
{
"date": "2016-01-27T00:00:00",
"db": "BID",
"id": "81982"
},
{
"date": "2016-01-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-000011"
},
{
"date": "2016-01-30T15:59:04.970000",
"db": "NVD",
"id": "CVE-2016-1140"
},
{
"date": "2016-01-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-693"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00911"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-00912"
},
{
"date": "2016-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-89959"
},
{
"date": "2016-01-27T00:00:00",
"db": "BID",
"id": "81982"
},
{
"date": "2016-02-16T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-000011"
},
{
"date": "2016-02-10T17:33:00.710000",
"db": "NVD",
"id": "CVE-2016-1140"
},
{
"date": "2016-02-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201601-693"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-693"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "HOME SPOT CUBE vulnerable to clickjacking",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-000011"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201601-693"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…