Details of VAR-201407-0714

ID

VAR-201407-0714

TITLE

SYAC TB DigiEye 3G product backdoor unauthorized access vulnerability

Trust: 0.6

sources: CNVD: CNVD-2014-04210

DESCRIPTION

SYAC TB DigiEye 3G is a 3G wireless solution device. SYAC TB DigiEye 3G includes a backdoor service that listens to TCP port 7339. TECHBOARD SYAC TB DigiEye 3G Products is a set of digital security management system that provides remote management, alarm and communication for video and audio of Italian TECHBOARD company. An unauthorized access vulnerability exists in TECHBOARD SYAC TB DigiEye 3G Products. A remote attacker could use this vulnerability to execute arbitrary commands on the affected device with root privileges. This may aid in further attacks

Trust: 1.35

sources: CNVD: CNVD-2014-04210 // CNNVD: CNNVD-201407-244 // BID: 68426

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-04210

AFFECTED PRODUCTS

vendor:

techboard syac

model:

digieye 3g

scope:

version:

3.19.30004

Trust: 0.6

sources: CNVD: CNVD-2014-04210

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2014-04210
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2014-04210
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2014-04210

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201407-244

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201407-244

EXTERNAL IDS

db:	BID	id:	68426	Trust: 1.5
db:	OSVDB	id:	108797	Trust: 0.6
db:	CNVD	id:	CNVD-2014-04210	Trust: 0.6
db:	CNNVD	id:	CNNVD-201407-244	Trust: 0.6

sources: CNVD: CNVD-2014-04210 // BID: 68426 // CNNVD: CNNVD-201407-244

REFERENCES

url:	http://osvdb.com/show/osvdb/108797	Trust: 0.6
url:	http://seclists.org/bugtraq/2014/jul/17	Trust: 0.6
url:	http://www.securityfocus.com/bid/68426	Trust: 0.6

sources: CNVD: CNVD-2014-04210 // CNNVD: CNNVD-201407-244

CREDITS

Roberto Paleari

Trust: 0.9

sources: BID: 68426 // CNNVD: CNNVD-201407-244

SOURCES

db:	CNVD	id:	CNVD-2014-04210
db:	BID	id:	68426
db:	CNNVD	id:	CNNVD-201407-244

LAST UPDATE DATE

2022-05-17T02:00:01.736000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-04210	date:	2020-03-10T00:00:00
db:	BID	id:	68426	date:	2014-07-07T00:00:00
db:	CNNVD	id:	CNNVD-201407-244	date:	2014-07-10T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-04210	date:	2014-07-11T00:00:00
db:	BID	id:	68426	date:	2014-07-07T00:00:00
db:	CNNVD	id:	CNNVD-201407-244	date:	2014-07-10T00:00:00