Details of VAR-201705-4201

ID

VAR-201705-4201

TITLE

Cache Master Network Device Has SQL Injection Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2017-04157

DESCRIPTION

Cache Master can optimize caches for web videos (including mobile videos), and also intelligently cache http downloads and web images of web pages. The cache master network device has a SQL injection vulnerability. An attacker can use this vulnerability to log in to the website's background to obtain administrator permissions and database sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2017-04157

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-04157

AFFECTED PRODUCTS

vendor:

wangzong information

model:

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2017-04157

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2017-04157
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2017-04157
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2017-04157

EXTERNAL IDS

db:

CNVD

id:

CNVD-2017-04157

Trust: 0.6

sources: CNVD: CNVD-2017-04157

SOURCES

db:

CNVD

id:

CNVD-2017-04157

LAST UPDATE DATE

2022-05-04T10:01:05.337000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2017-04157

date:

2017-04-17T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2017-04157

date:

2017-05-22T00:00:00