ID
VAR-201210-0673
TITLE
Legrand-003598 and Bticino-F454 Information Disclosure Vulnerability
Trust: 0.9
sources:
BID: 56092 //
CNNVD: CNNVD-201210-639
DESCRIPTION
Legrand-003598 / Bticino-F454 is an IP gateway device. Direct access to https://[ip address of device]/TiWeb.xml provides plain text account and password information that can be used to control the application. Legrand-003598 and Bticino-F454 are prone to a remote information-disclosure. Successful exploits will allow unauthenticated attackers to obtain sensitive information from the device, which may facilitate a complete compromise of the system
Trust: 0.81
sources:
CNVD: CNVD-2012-5970 //
BID: 56092
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2012-5970
AFFECTED PRODUCTS
| vendor: | legrand | model: | group legrand-003598 bticino-f454 | scope: | eq | version: | /1.00.26 | Trust: 0.6 |
sources:
CNVD: CNVD-2012-5970
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201210-639
TYPE
information disclosure
Trust: 0.6
sources:
CNNVD: CNNVD-201210-639
PATCH
| title: | Patch for Legrand-003598/Bticino-F454 Information Disclosure Vulnerability | url: | https://www.cnvd.org.cn/patchinfo/show/23933 | Trust: 0.6 |
sources:
CNVD: CNVD-2012-5970
EXTERNAL IDS
| db: | BID | id: | 56092 | Trust: 1.5 |
| db: | CNVD | id: | CNVD-2012-5970 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201210-639 | Trust: 0.6 |
sources:
CNVD: CNVD-2012-5970 //
BID: 56092 //
CNNVD: CNNVD-201210-639
REFERENCES
| url: | http://seclists.org/fulldisclosure/2012/oct/119 | Trust: 0.6 |
| url: | http://www.securityfocus.com/bid/56092 | Trust: 0.6 |
sources:
CNVD: CNVD-2012-5970 //
CNNVD: CNNVD-201210-639
CREDITS
Rapha??l Jacquot
Trust: 0.6
sources:
CNNVD: CNNVD-201210-639
SOURCES
| db: | CNVD | id: | CNVD-2012-5970 |
| db: | BID | id: | 56092 |
| db: | CNNVD | id: | CNNVD-201210-639 |
LAST UPDATE DATE
2022-05-17T02:04:42.421000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2012-5970 | date: | 2012-10-19T00:00:00 |
| db: | BID | id: | 56092 | date: | 2012-10-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201210-639 | date: | 2012-10-29T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2012-5970 | date: | 2012-10-19T00:00:00 |
| db: | BID | id: | 56092 | date: | 2012-10-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201210-639 | date: | 2012-10-29T00:00:00 |