VAR-201903-0009
Vulnerability from variot - Updated: 2023-12-18 13:08An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials. Wifi-soft UniBox controller The device contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Wifi-soft's UniboxControllers is a fast-paced network controller for all large and small venues. There is a remote code injection vulnerability in Wifi-soft's UniboxControllers. An attacker can exploit a vulnerability to inject arbitrary code. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements.
Name: Remote Code Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 0.x - 2.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Code Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3495
Name: Remote Command Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 0.x - 2.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Command Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3497
Name: Remote Command Injection in Wifi-soft's Unibox Controllers Affected Software: Unibox Controller Affected Versions: 3.x Homepage: https://wifi-soft.com/unibox-controller/ Vulnerability: Remote Command Injection Severity: Critical Status: Not Fixed CVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8) CVE-ID Reference: CVE-2019-3496
I have posted all the technical details, POCs and root-cause analysis here: https://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/
Best Regards,
*Sahil Dhar * Information Security Consultant +91 9821544985
http://goog_555023787 [image: https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/] https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0009",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unibox",
"scope": "eq",
"trust": 1.0,
"vendor": "indionetworks",
"version": null
},
{
"model": "unibox",
"scope": "eq",
"trust": 0.8,
"vendor": "wifi soft",
"version": "0.x to 2.x"
},
{
"model": "unibox controller",
"scope": "gte",
"trust": 0.6,
"vendor": "wifi soft",
"version": "0.*,\u003c=2.*"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:indionetworks:unibox_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:indionetworks:unibox:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-3495"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sahil Dhar",
"sources": [
{
"db": "PACKETSTORM",
"id": "151077"
}
],
"trust": 0.1
},
"cve": "CVE-2019-3495",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2019-3495",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-00769",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "VHN-154930",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-3495",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-3495",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-00769",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-759",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-154930",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this component can be bypassed by using Hard coded credentials. Wifi-soft UniBox controller The device contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Wifi-soft\u0027s UniboxControllers is a fast-paced network controller for all large and small venues. There is a remote code injection vulnerability in Wifi-soft\u0027s UniboxControllers. An attacker can exploit a vulnerability to inject arbitrary code. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. \n\nName: Remote Code Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 0.x - 2.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Code Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3495\n\n\nName: Remote Command Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 0.x - 2.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Command Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3497\n\nName: Remote Command Injection in Wifi-soft\u0027s Unibox Controllers\nAffected Software: Unibox Controller\nAffected Versions: 3.x\nHomepage: https://wifi-soft.com/unibox-controller/\nVulnerability: Remote Command Injection\nSeverity: Critical\nStatus: Not Fixed\nCVSS Score (3.0): CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8)\nCVE-ID Reference: CVE-2019-3496\n\nI have posted all the technical details, POCs and root-cause analysis here:\nhttps://sahildhar.github.io/blogpost/Multiple-RCE-Vulnerabilties-in-Unibox-Controller-0.x-3.x/\n\n\nBest Regards,\n\n*Sahil Dhar *\nInformation Security Consultant\n+91 9821544985\n\n\u003chttp://goog_555023787\u003e\n[image:\nhttps://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/]\n\u003chttps://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/\u003e\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-3495"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "PACKETSTORM",
"id": "151077"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-3495",
"trust": 3.2
},
{
"db": "PACKETSTORM",
"id": "151077",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201903-759",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-00769",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-154930",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
}
]
},
"id": "VAR-201903-0009",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
}
]
},
"last_update_date": "2023-12-18T13:08:11.554000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "UniBox - Access Controllers",
"trust": 0.8,
"url": "https://wifi-soft.com/unibox-controller/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-434",
"trust": 1.9
},
{
"problemtype": "CWE-798",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://sahildhar.github.io/blogpost/multiple-rce-vulnerabilties-in-unibox-controller-0.x-3.x/"
},
{
"trust": 2.3,
"url": "http://seclists.org/fulldisclosure/2019/jan/23"
},
{
"trust": 2.3,
"url": "http://packetstormsecurity.com/files/151077/wifi-soft-unibox-2.x-remote-command-code-injection.html"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3495"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3495"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3497"
},
{
"trust": 0.1,
"url": "https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/\u003e"
},
{
"trust": 0.1,
"url": "https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/]"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3496"
},
{
"trust": 0.1,
"url": "http://goog_555023787\u003e"
},
{
"trust": 0.1,
"url": "https://wifi-soft.com/unibox-controller/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"db": "VULHUB",
"id": "VHN-154930"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"db": "PACKETSTORM",
"id": "151077"
},
{
"db": "NVD",
"id": "CVE-2019-3495"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"date": "2019-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-154930"
},
{
"date": "2019-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"date": "2019-01-09T09:22:22",
"db": "PACKETSTORM",
"id": "151077"
},
{
"date": "2019-03-21T16:01:04.187000",
"db": "NVD",
"id": "CVE-2019-3495"
},
{
"date": "2019-03-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-759"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-00769"
},
{
"date": "2019-03-26T00:00:00",
"db": "VULHUB",
"id": "VHN-154930"
},
{
"date": "2019-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002852"
},
{
"date": "2021-09-13T11:10:00.477000",
"db": "NVD",
"id": "CVE-2019-3495"
},
{
"date": "2021-07-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-759"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wifi-soft UniBox controller Device unrestricted upload vulnerability type file vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002852"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-759"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…