Details of VAR-201606-0263

ID

VAR-201606-0263

CVE

CVE-2015-8288

TITLE

Netgear D6000 and D3600 contain hard-coded cryptographic keys and are vulnerable to authentication bypass

Trust: 0.8

sources: CERT/CC: VU#778696

DESCRIPTION

NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation. Supplementary information : CWE Vulnerability type by CWE-321: Use of Hard-coded Cryptographic Key ( Using hard-coded encryption keys ) Has been identified. http://cwe.mitre.org/data/definitions/321.htmlIf a third party uses key information from another installation, the cryptographic protection mechanism may be broken. The Netgear D6000 and D3600 are wireless router products for NETGEAR. An attacker can exploit these issues to bypass the authentication mechanism, obtain sensitive information. This may aid in further attacks. NetGear D3600 firmware versions 1.0.0.49 and prior

Trust: 3.24

sources: NVD: CVE-2015-8288 // CERT/CC: VU#778696 // JVNDB: JVNDB-2015-007204 // CNVD: CNVD-2016-04206 // BID: 91153 // VULHUB: VHN-86249

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-04206

AFFECTED PRODUCTS

vendor:	netgear	model:	d3600	scope:	eq	version:	1.0.0.49	Trust: 2.2
vendor:	netgear	model:	d6000	scope:	lte	version:	1.0.0.49	Trust: 1.0
vendor:	netgear	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	net gear	model:	d3600	scope:	-	version:	-	Trust: 0.8
vendor:	net gear	model:	d3600	scope:	eq	version:	1.0.0.49	Trust: 0.8
vendor:	net gear	model:	d6000	scope:	-	version:	-	Trust: 0.8
vendor:	net gear	model:	d6000	scope:	lte	version:	1.0.0.49	Trust: 0.8
vendor:	netgear	model:	d6000	scope:	lte	version:	<=1.0.0.49	Trust: 0.6
vendor:	netgear	model:	d6000	scope:	eq	version:	1.0.0.49	Trust: 0.6

sources: CERT/CC: VU#778696 // CNVD: CNVD-2016-04206 // JVNDB: JVNDB-2015-007204 // NVD: CVE-2015-8288 // CNNVD: CNNVD-201606-232

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2015-8288
value:	MEDIUM
Trust: 1.8
CNVD:	CNVD-2016-04206
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201606-232
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-86249
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
NVD:	CVE-2015-8288
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2016-04206
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-86249
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.2
impactScore:	3.6
version:	3.0
Trust: 1.0
NVD:	CVE-2015-8288
baseSeverity:	MEDIUM
baseScore:	5.9
vectorString:	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2016-04206 // VULHUB: VHN-86249 // JVNDB: JVNDB-2015-007204 // NVD: CVE-2015-8288 // CNNVD: CNNVD-201606-232

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	CWE-Other	Trust: 0.8

sources: JVNDB: JVNDB-2015-007204 // NVD: CVE-2015-8288

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201606-232

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201606-232

CONFIGURATIONS

sources: NVD: CVE-2015-8288

PATCH

title:	CVE-2015-8288 - Use of Hard-coded Cryptographic Key	url:	http://kb.netgear.com/app/answers/detail/a_id/30560	Trust: 0.8
title:	Patch for NetgearD6000 and D3600 hardcoded RSA keyholes	url:	https://www.cnvd.org.cn/patchinfo/show/77919	Trust: 0.6
title:	Netgear D6000 and D3600 Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62187	Trust: 0.6

sources: CNVD: CNVD-2016-04206 // JVNDB: JVNDB-2015-007204 // CNNVD: CNNVD-201606-232

EXTERNAL IDS

db:	CERT/CC	id:	VU#778696	Trust: 3.9
db:	NVD	id:	CVE-2015-8288	Trust: 3.4
db:	JVN	id:	JVNVU94303845	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-007204	Trust: 0.8
db:	CNNVD	id:	CNNVD-201606-232	Trust: 0.7
db:	CNVD	id:	CNVD-2016-04206	Trust: 0.6
db:	BID	id:	91153	Trust: 0.3
db:	VULHUB	id:	VHN-86249	Trust: 0.1

sources: CERT/CC: VU#778696 // CNVD: CNVD-2016-04206 // VULHUB: VHN-86249 // BID: 91153 // JVNDB: JVNDB-2015-007204 // NVD: CVE-2015-8288 // CNNVD: CNNVD-201606-232

REFERENCES

url:	http://www.kb.cert.org/vuls/id/778696	Trust: 3.1
url:	http://kb.netgear.com/app/answers/detail/a_id/30560	Trust: 2.5
url:	http://kb.netgear.com/app/answers/detail/a_id/30490	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8288	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu94303845/	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-8288	Trust: 0.8
url:	http://www.netgear.com	Trust: 0.3

sources: CERT/CC: VU#778696 // CNVD: CNVD-2016-04206 // VULHUB: VHN-86249 // BID: 91153 // JVNDB: JVNDB-2015-007204 // NVD: CVE-2015-8288 // CNNVD: CNNVD-201606-232

CREDITS

Mandar Jadhav of Qualys

Trust: 0.6

sources: CNNVD: CNNVD-201606-232

SOURCES

db:	CERT/CC	id:	VU#778696
db:	CNVD	id:	CNVD-2016-04206
db:	VULHUB	id:	VHN-86249
db:	BID	id:	91153
db:	JVNDB	id:	JVNDB-2015-007204
db:	NVD	id:	CVE-2015-8288
db:	CNNVD	id:	CNNVD-201606-232

LAST UPDATE DATE

2023-12-18T13:03:18.135000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#778696	date:	2016-07-01T00:00:00
db:	CNVD	id:	CNVD-2016-04206	date:	2016-06-22T00:00:00
db:	VULHUB	id:	VHN-86249	date:	2016-06-21T00:00:00
db:	BID	id:	91153	date:	2016-06-10T00:00:00
db:	JVNDB	id:	JVNDB-2015-007204	date:	2016-06-22T00:00:00
db:	NVD	id:	CVE-2015-8288	date:	2016-06-21T22:28:28.103
db:	CNNVD	id:	CNNVD-201606-232	date:	2016-06-21T00:00:00

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#778696	date:	2016-06-10T00:00:00
db:	CNVD	id:	CNVD-2016-04206	date:	2016-06-22T00:00:00
db:	VULHUB	id:	VHN-86249	date:	2016-06-20T00:00:00
db:	BID	id:	91153	date:	2016-06-10T00:00:00
db:	JVNDB	id:	JVNDB-2015-007204	date:	2016-06-22T00:00:00
db:	NVD	id:	CVE-2015-8288	date:	2016-06-20T01:59:00.133
db:	CNNVD	id:	CNNVD-201606-232	date:	2016-06-12T00:00:00