Details of VAR-201611-0415

ID

VAR-201611-0415

TITLE

Actiontec WCB3000N Privilege Escalation Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2016-10958

DESCRIPTION

ActiontecWCB3000N is a network card product of Actiontec Corporation of the United States, providing related network services. The ActiontecWCB3000N0.16.2.5 version has a privilege escalation vulnerability that an attacker can use to gain administrator privileges and execute arbitrary code.

Trust: 0.6

sources: CNVD: CNVD-2016-10958

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-10958

AFFECTED PRODUCTS

vendor:

actiontec

model:

wcb3000n

scope:

version:

0.16.2.5

Trust: 0.6

sources: CNVD: CNVD-2016-10958

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2016-10958
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2016-10958
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2016-10958

EXTERNAL IDS

db:	CXSECURITY	id:	WLB-2016110057	Trust: 0.6
db:	CNVD	id:	CNVD-2016-10958	Trust: 0.6

sources: CNVD: CNVD-2016-10958

REFERENCES

url:

https://cxsecurity.com/issue/wlb-2016110057

Trust: 0.6

sources: CNVD: CNVD-2016-10958

SOURCES

db:

CNVD

id:

CNVD-2016-10958

LAST UPDATE DATE

2022-05-17T01:43:18.182000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2016-10958

date:

2016-11-11T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2016-10958

date:

2016-11-11T00:00:00