Details of VAR-201505-0497

ID

VAR-201505-0497

TITLE

There are many common remote code execution vulnerabilities in Bohua Net Dragon Information Security Appliance

Trust: 0.6

sources: CNVD: CNVD-2016-07063

DESCRIPTION

There are several remote code execution vulnerabilities in the Bohua Net Dragon Information Security Appliance. An attacker can exploit the vulnerability to gain remote control of the web server host.

Trust: 0.6

sources: CNVD: CNVD-2016-07063

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-07063

AFFECTED PRODUCTS

vendor:

hunan zhongke bohua

model:

netlong information security machine

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2016-07063

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2016-07063
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2016-07063
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2016-07063

EXTERNAL IDS

db:	WOOYUN	id:	WOOYUN-2015-0105683	Trust: 0.6
db:	WOOYUN	id:	WOOYUN-2015-0105680	Trust: 0.6
db:	CNVD	id:	CNVD-2016-07063	Trust: 0.6

sources: CNVD: CNVD-2016-07063

REFERENCES

url:	http://www.wooyun.org/bugs/wooyun-2015-0105680	Trust: 0.6
url:	http://www.wooyun.org/bugs/wooyun-2015-0105683	Trust: 0.6

sources: CNVD: CNVD-2016-07063

SOURCES

db:

CNVD

id:

CNVD-2016-07063

LAST UPDATE DATE

2022-05-17T02:09:00.592000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2016-07063

date:

2016-09-01T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2016-07063

date:

2015-05-22T00:00:00