var-201709-0365
Vulnerability from variot
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01 followed by other predictable values. AT&T U-verse There are authentication vulnerabilities in the firmware.Information may be tampered with. ArrisNVG589 and NVG599 are router products of Arris Group of the United States. AT&TU-verse is the firmware used in it. A security vulnerability exists in the AT&TU-verse9.2.2h0d83 version of ArrisNVG589 and NVG599. A remote attacker can exploit this vulnerability to establish an arbitrary TCP connection with an internal host. AT&T U-verse Arris Modems are prone to following security vulnerabilities: 1. 2. An information-disclosure vulnerability 3. A command injection vulnerability 4. A security-bypass vulnerability Attackers can exploit these issues to obtain sensitive information, execute arbitrary code and perform unauthorized actions., which may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201709-0365",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "u-verse",
"scope": "eq",
"trust": 1.6,
"vendor": "att",
"version": "9.2.2h0d83"
},
{
"model": "u-verse",
"scope": "eq",
"trust": 0.8,
"vendor": "at t",
"version": "9.2.2h0d83"
},
{
"model": "nvg589",
"scope": "eq",
"trust": 0.6,
"vendor": "arris",
"version": "0"
},
{
"model": "nvg599",
"scope": "eq",
"trust": 0.6,
"vendor": "arris",
"version": "0"
},
{
"model": "at\u0026t u-verse 9.2.2h0d83",
"scope": null,
"trust": 0.6,
"vendor": "arris",
"version": null
},
{
"model": "u-verse 9.2.2h0d83",
"scope": null,
"trust": 0.3,
"vendor": "at t",
"version": null
},
{
"model": "arris nvg599",
"scope": "eq",
"trust": 0.3,
"vendor": "at t",
"version": "0"
},
{
"model": "arris nvg589",
"scope": "eq",
"trust": 0.3,
"vendor": "at t",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31552"
},
{
"db": "BID",
"id": "100585"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007774"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-039"
},
{
"db": "NVD",
"id": "CVE-2017-14117"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:att:u-verse_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007774"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nomotion",
"sources": [
{
"db": "BID",
"id": "100585"
}
],
"trust": 0.3
},
"cve": "CVE-2017-14117",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-14117",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-31552",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-104807",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2017-14117",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-14117",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-14117",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-31552",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-039",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-104807",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31552"
},
{
"db": "VULHUB",
"id": "VHN-104807"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007774"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-039"
},
{
"db": "NVD",
"id": "CVE-2017-14117"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The AT\u0026T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \\x2a\\xce\\x01 followed by other predictable values. AT\u0026T U-verse There are authentication vulnerabilities in the firmware.Information may be tampered with. ArrisNVG589 and NVG599 are router products of Arris Group of the United States. AT\u0026TU-verse is the firmware used in it. A security vulnerability exists in the AT\u0026TU-verse9.2.2h0d83 version of ArrisNVG589 and NVG599. A remote attacker can exploit this vulnerability to establish an arbitrary TCP connection with an internal host. AT\u0026amp;T U-verse Arris Modems are prone to following security vulnerabilities:\n1. \n2. An information-disclosure vulnerability\n3. A command injection vulnerability\n4. A security-bypass vulnerability\nAttackers can exploit these issues to obtain sensitive information, execute arbitrary code and perform unauthorized actions., which may aid in further attacks. Failed exploit attempts may result in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-14117"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007774"
},
{
"db": "CNVD",
"id": "CNVD-2017-31552"
},
{
"db": "BID",
"id": "100585"
},
{
"db": "VULHUB",
"id": "VHN-104807"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-14117",
"trust": 3.4
},
{
"db": "BID",
"id": "100585",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007774",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-039",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-31552",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-104807",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31552"
},
{
"db": "VULHUB",
"id": "VHN-104807"
},
{
"db": "BID",
"id": "100585"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007774"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-039"
},
{
"db": "NVD",
"id": "CVE-2017-14117"
}
]
},
"id": "VAR-201709-0365",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31552"
},
{
"db": "VULHUB",
"id": "VHN-104807"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31552"
}
]
},
"last_update_date": "2024-11-23T22:34:30.061000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.att.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007774"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-104807"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007774"
},
{
"db": "NVD",
"id": "CVE-2017-14117"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://www.nomotion.net/blog/sharknatto/"
},
{
"trust": 2.3,
"url": "https://threatpost.com/bugs-in-arris-modems-distributed-by-att-vulnerable-to-trivial-attacks/127753/"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/100585"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-14117"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-14117"
},
{
"trust": 0.3,
"url": "https://www.tenable.com/blog/hardcoded-credentials-expose-customers-of-att-u-verse"
},
{
"trust": 0.3,
"url": "https://www.att.com/"
},
{
"trust": 0.3,
"url": "https://www.tenable.com/plugins/index.php?view=single\u0026id=102915"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-31552"
},
{
"db": "VULHUB",
"id": "VHN-104807"
},
{
"db": "BID",
"id": "100585"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007774"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-039"
},
{
"db": "NVD",
"id": "CVE-2017-14117"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-31552"
},
{
"db": "VULHUB",
"id": "VHN-104807"
},
{
"db": "BID",
"id": "100585"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007774"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-039"
},
{
"db": "NVD",
"id": "CVE-2017-14117"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-31552"
},
{
"date": "2017-09-03T00:00:00",
"db": "VULHUB",
"id": "VHN-104807"
},
{
"date": "2017-08-31T00:00:00",
"db": "BID",
"id": "100585"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007774"
},
{
"date": "2017-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-039"
},
{
"date": "2017-09-03T19:29:00.330000",
"db": "NVD",
"id": "CVE-2017-14117"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-31552"
},
{
"date": "2017-09-13T00:00:00",
"db": "VULHUB",
"id": "VHN-104807"
},
{
"date": "2017-08-31T00:00:00",
"db": "BID",
"id": "100585"
},
{
"date": "2017-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007774"
},
{
"date": "2017-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-039"
},
{
"date": "2024-11-21T03:12:10.320000",
"db": "NVD",
"id": "CVE-2017-14117"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-039"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "AT\u0026T U-verse Firmware authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007774"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-039"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…