Details of VAR-201406-0483

ID

VAR-201406-0483

TITLE

ZTE ZXV10 W300 RomPager Denial of Service Vulnerability

Trust: 1.5

sources: CNVD: CNVD-2014-03776 // BID: 68025 // CNNVD: CNNVD-201406-336

DESCRIPTION

ZTE ZXV10 W300 Router is a wireless router product of China ZTE Corporation. A Denial of Service vulnerability exists in the RomPager of ZTE ZXV10 W300 devices running 3.11.2.175_TC3086 firmware and T14.F7_5.0 hardware. An attacker could use this vulnerability to crash the affected device and cause a denial of service. ZTE ZXV10 W300 is prone to a denial-of-service vulnerability

Trust: 1.35

sources: CNVD: CNVD-2014-03776 // CNNVD: CNNVD-201406-336 // BID: 68025

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-03776

AFFECTED PRODUCTS

vendor:	zte	model:	zxv10 w300 router 3.11.2.175 tc3086	scope:	-	version:	-	Trust: 0.6
vendor:	zte	model:	zxv10 w300 router t14.f7 5.0	scope:	-	version:	-	Trust: 0.6
vendor:	zte	model:	zxv10 w300 3.11.2.175 tc3086	scope:	-	version:	-	Trust: 0.3

sources: CNVD: CNVD-2014-03776 // BID: 68025

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2014-03776
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2014-03776
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2014-03776

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201406-336

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 68025

EXTERNAL IDS

db:	BID	id:	68025	Trust: 1.5
db:	CNVD	id:	CNVD-2014-03776	Trust: 0.6
db:	CNNVD	id:	CNNVD-201406-336	Trust: 0.6

sources: CNVD: CNVD-2014-03776 // BID: 68025 // CNNVD: CNNVD-201406-336

REFERENCES

url:	http://www.securityfocus.com/bid/68025	Trust: 1.2
url:	http://osandamalith.wordpress.com/2014/06/10/zte-and-tp-link-rompager-dos/	Trust: 0.3
url:	http://wwwen.zte.com.cn/en/products/access/cpe/201302/t20130204_386351.html	Trust: 0.3

sources: CNVD: CNVD-2014-03776 // BID: 68025 // CNNVD: CNNVD-201406-336

CREDITS

Osanda Malith

Trust: 0.9

sources: BID: 68025 // CNNVD: CNNVD-201406-336

SOURCES

db:	CNVD	id:	CNVD-2014-03776
db:	BID	id:	68025
db:	CNNVD	id:	CNNVD-201406-336

LAST UPDATE DATE

2022-05-17T02:09:49.626000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-03776	date:	2014-06-20T00:00:00
db:	BID	id:	68025	date:	2014-06-10T00:00:00
db:	CNNVD	id:	CNNVD-201406-336	date:	2014-06-17T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-03776	date:	2014-06-20T00:00:00
db:	BID	id:	68025	date:	2014-06-10T00:00:00
db:	CNNVD	id:	CNNVD-201406-336	date:	2014-06-17T00:00:00