ID

VAR-201701-0628


CVE

CVE-2014-9755


TITLE

Replay attack vulnerability in the hardware VPN client of Viprinet Multichannel VPN Router 300

Trust: 0.8

sources: JVNDB: JVNDB-2014-008189

DESCRIPTION

The hardware VPN client in Viprinet Multichannel VPN Router 300 version 2013070830/2013080900 does not validate the remote VPN endpoint identity (through the checking of the endpoint's SSL key) before initiating the exchange, which allows remote attackers to perform a replay attack.

Viprinet Europe Multichannel VPN Router 300 is a multi-channel VPN router product from Viprinet Europe, Germany. A security vulnerability exists in Viprinet Europe Multichannel VPN Router 300. An attacker could exploit the vulnerability to implement a protocol downgrade attack.

1. Multiple cross-site scripting vulnerabilities
2. Multiple security-bypass vulnerabilities

An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials and to launch other attacks, perform man-in-the-middle attacks and impersonate trusted servers or bypass certain security restrictions and perform unauthorized actions.

In this example, we perform a downgrade attack from protocol version 3 to protocol version 2, however as noted in the impact, version 3 of the protocol is similarly affected.

Note: MITRE have assigned CVE-2014-9754 to reference the missing certificate validation and CVE-2014-9755 to reference the protocol downgrade attack.

Further details at: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-9754-cve-2014-9755/

Copyright: Copyright (c) Portcullis Computer Security Limited 2015, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited.

Disclaimer: The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Trust: 2.61

sources: NVD: CVE-2014-9755 // JVNDB: JVNDB-2014-008189 // CNVD: CNVD-2016-01189 // BID: 82583 // VULHUB: VHN-77700 // PACKETSTORM: 135614

IOT TAXONOMY

category: ['Network device'] sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-01189

AFFECTED PRODUCTS

vendor: viprinet model: multichannel vpn router 300 scope: eq version: 2013070830

Trust: 1.6

vendor: viprinet model: multichannel vpn router 300 scope: eq version: 2013080900

Trust: 1.6

vendor: viprinet europe model: multichannel vpn router 300 scope: - version: -

Trust: 0.8

vendor: viprinet europe model: multichannel vpn router 300 scope: eq version: 2013070830

Trust: 0.8

vendor: viprinet europe model: multichannel vpn router 300 scope: eq version: 2013080900

Trust: 0.8

vendor: viprinet model: europe multichannel vpn router scope: eq version: 300

Trust: 0.6

sources: CNVD: CNVD-2016-01189 // JVNDB: JVNDB-2014-008189 // CNNVD: CNNVD-201602-367 // NVD: CVE-2014-9755

CVSS

SEVERITY

nvd@nist.gov: CVE-2014-9755
value: HIGH

Trust: 1.0

NVD: CVE-2014-9755
value: HIGH

Trust: 0.8

CNVD: CNVD-2016-01189
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201602-367
value: MEDIUM

Trust: 0.6

VULHUB: VHN-77700
value: MEDIUM

Trust: 0.1

CVSSV2

nvd@nist.gov: CVE-2014-9755
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2016-01189
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-77700
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

CVSSV3

nvd@nist.gov: CVE-2014-9755
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-01189 // VULHUB: VHN-77700 // JVNDB: JVNDB-2014-008189 // CNNVD: CNNVD-201602-367 // NVD: CVE-2014-9755

PROBLEMTYPE DATA

problemtype: CWE-20

Trust: 1.9

sources: VULHUB: VHN-77700 // JVNDB: JVNDB-2014-008189 // NVD: CVE-2014-9755

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 135614 // CNNVD: CNNVD-201602-367

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201602-367

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-008189

PATCH

title: Multichannel VPN Router 300/310 url: https://www.viprinet.com/en/products/multichannel-vpn-router-modular/multichannel-vpn-router-300-310

Trust: 0.8

title: Viprinet Europe Multichannel VPN Router 300 protocol downgrade vulnerability patch url: https://www.cnvd.org.cn/patchInfo/show/71680

Trust: 0.6

sources: CNVD: CNVD-2016-01189 // JVNDB: JVNDB-2014-008189

EXTERNAL IDS

db: NVD id: CVE-2014-9755

Trust: 3.5

db: PACKETSTORM id: 135614

Trust: 1.8

db: BID id: 82583

Trust: 1.5

db: JVNDB id: JVNDB-2014-008189

Trust: 0.8

db: CNNVD id: CNNVD-201602-367

Trust: 0.7

db: CNVD id: CNVD-2016-01189

Trust: 0.6

db: VULHUB id: VHN-77700

Trust: 0.1

sources: CNVD: CNVD-2016-01189 // VULHUB: VHN-77700 // BID: 82583 // JVNDB: JVNDB-2014-008189 // PACKETSTORM: 135614 // CNNVD: CNNVD-201602-367 // NVD: CVE-2014-9755

REFERENCES

url: http://seclists.org/fulldisclosure/2016/feb/8

Trust: 2.0

url: http://packetstormsecurity.com/files/135614/viprinet-multichannel-vpn-router-300-identity-verification-fail.html

Trust: 1.7

url: http://www.securityfocus.com/bid/82583

Trust: 1.2

url: http://www.securityfocus.com/archive/1/537441/100/0/threaded

Trust: 1.1

url: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-9754-cve-2014-9755/

Trust: 0.9

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9755

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9755

Trust: 0.8

url: http://www.securityfocus.com/archive/1/archive/1/537441/100/0/threaded

Trust: 0.6

url: https://www.viprinet.com/en/products/multichannel-vpn-router-modular/multichannel-vpn-router-300-310

Trust: 0.3

url: https://nvd.nist.gov/vuln/detail/cve-2014-9755

Trust: 0.1

url: https://nvd.nist.gov/vuln/detail/cve-2014-9754

Trust: 0.1

sources: CNVD: CNVD-2016-01189 // VULHUB: VHN-77700 // BID: 82583 // JVNDB: JVNDB-2014-008189 // PACKETSTORM: 135614 // CNNVD: CNNVD-201602-367 // NVD: CVE-2014-9755

CREDITS

Tim Brown

Trust: 1.0

sources: BID: 82583 // PACKETSTORM: 135614 // CNNVD: CNNVD-201602-367

SOURCES

db: CNVD id: CNVD-2016-01189
db: VULHUB id: VHN-77700
db: BID id: 82583
db: JVNDB id: JVNDB-2014-008189
db: PACKETSTORM id: 135614
db: CNNVD id: CNNVD-201602-367
db: NVD id: CVE-2014-9755

LAST UPDATE DATE

2025-04-20T23:20:07.651000+00:00


SOURCES UPDATE DATE

db: CNVD id: CNVD-2016-01189 date: 2016-02-23T00:00:00
db: VULHUB id: VHN-77700 date: 2018-10-09T00:00:00
db: BID id: 82583 date: 2016-07-05T21:22:00
db: JVNDB id: JVNDB-2014-008189 date: 2017-01-31T00:00:00
db: CNNVD id: CNNVD-201602-367 date: 2017-02-04T00:00:00
db: NVD id: CVE-2014-9755 date: 2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db: CNVD id: CNVD-2016-01189 date: 2016-02-23T00:00:00
db: VULHUB id: VHN-77700 date: 2017-01-20T00:00:00
db: BID id: 82583 date: 2016-02-03T00:00:00
db: JVNDB id: JVNDB-2014-008189 date: 2017-01-31T00:00:00
db: PACKETSTORM id: 135614 date: 2016-02-05T16:22:22
db: CNNVD id: CNNVD-201602-367 date: 2016-02-19T00:00:00
db: NVD id: CVE-2014-9755 date: 2017-01-20T15:59:00.240