ID

VAR-201706-0088


CVE

CVE-2016-7811


TITLE

CG-WLR300NX fails to restrict access permissions

Trust: 0.8

sources: JVNDB: JVNDB-2016-000219

DESCRIPTION

Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restrictions and perform arbitrary operations via unspecified vectors. CG-WLR300NX provided by Corega Inc is a wireless LAN router. CG-WLR300NX fails to restrict access permissions. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.

Corega CG-WLR300NX is prone to the following security vulnerabilities:

1. A security bypass vulnerability
2. A cross-site scripting vulnerability
3. A cross-site request forgery vulnerability

An attacker may exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, bypass security restrictions or perform unauthorized actions. Other attacks may also be possible. Corega CG-WLR300NX 1.20 and prior are vulnerable. A security vulnerability exists in the Corega CG-WLR300NX with firmware version 1.20 and earlier.

Trust: 1.98

sources: NVD: CVE-2016-7811 // JVNDB: JVNDB-2016-000219 // BID: 94248 // VULHUB: VHN-96631

AFFECTED PRODUCTS

vendor: corega, model: cg-wlr300nx, scope: lte, version: 1.20

Trust: 1.0

vendor: corega, model: cg-wlr300nx, scope: lte, version: ver. 1.20

Trust: 0.8

vendor: corega, model: cg-wlr300nx, scope: eq, version: 1.20

Trust: 0.6

vendor: corega, model: inc cg-wlr300nx, scope: eq, version: 1.20

Trust: 0.3

vendor: corega, model: inc cg-wlr300nx, scope: eq, version: 1.10

Trust: 0.3

vendor: corega, model: inc cg-wlr300nx, scope: eq, version: 1.00

Trust: 0.3

vendor: corega, model: inc cg-wlr300nx, scope: ne, version: 1.30

Trust: 0.3

sources: BID: 94248 // JVNDB: JVNDB-2016-000219 // CNNVD: CNNVD-201611-350 // NVD: CVE-2016-7811

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-7811
value: HIGH

Trust: 1.0

IPA: JVNDB-2016-000219
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201611-350
value: MEDIUM

Trust: 0.6

VULHUB: VHN-96631
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-7811
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

IPA: JVNDB-2016-000219
severity: MEDIUM
baseScore: 5.4
vectorString: AV:A/AC:M/AU:N/C:P/I:P/A:P
accessVector: ADJACENT NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-96631
severity: MEDIUM
baseScore: 5.8
vectorString: AV:A/AC:L/AU:N/C:P/I:P/A:P
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 6.5
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2016-7811
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.0

IPA: JVNDB-2016-000219
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-96631 // JVNDB: JVNDB-2016-000219 // CNNVD: CNNVD-201611-350 // NVD: CVE-2016-7811

PROBLEMTYPE DATA

problemtype:CWE-284

Trust: 1.1

problemtype:CWE-264

Trust: 0.8

sources: VULHUB: VHN-96631 // JVNDB: JVNDB-2016-000219 // NVD: CVE-2016-7811

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-201611-350

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201611-350

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-000219

PATCH

title: About Multiple Vulnerabilities of CG-WLR300NX
url: http://corega.jp/support/security/20161111_wlr300nx.htm

Trust: 0.8

title: Corega CG-WLR300NX Repair measures for security bypass vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65713

Trust: 0.6

sources: JVNDB: JVNDB-2016-000219 // CNNVD: CNNVD-201611-350

EXTERNAL IDS

db: NVD, id: CVE-2016-7811

Trust: 2.8

db: JVN, id: JVN23549283

Trust: 2.8

db: BID, id: 94248

Trust: 2.0

db: JVNDB, id: JVNDB-2016-000219

Trust: 0.8

db: CNNVD, id: CNNVD-201611-350

Trust: 0.7

db: JVN, id: JVN23823838

Trust: 0.3

db: JVN, id: JVN92237169

Trust: 0.3

db: VULHUB, id: VHN-96631

Trust: 0.1

sources: VULHUB: VHN-96631 // BID: 94248 // JVNDB: JVNDB-2016-000219 // CNNVD: CNNVD-201611-350 // NVD: CVE-2016-7811

REFERENCES

url:https://jvn.jp/en/jp/jvn23549283/index.html

Trust: 2.5

url:http://www.securityfocus.com/bid/94248

Trust: 1.7

url:http://corega.jp/support/security/20161111_wlr300nx.htm

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7811

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2016-7811

Trust: 0.8

url:http://corega.jp/support/security/20151224_wlbaragm.htm

Trust: 0.3

url:http://corega.jp/support/security/20161111_wlr300nx.htm

Trust: 0.3

url:http://jvn.jp/en/jp/jvn23549283/index.htmls

Trust: 0.3

url:http://jvn.jp/en/jp/jvn23823838/index.html

Trust: 0.3

url:http://jvn.jp/en/jp/jvn92237169/index.html

Trust: 0.3

sources: VULHUB: VHN-96631 // BID: 94248 // JVNDB: JVNDB-2016-000219 // CNNVD: CNNVD-201611-350 // NVD: CVE-2016-7811

CREDITS

Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc.

Trust: 0.9

sources: BID: 94248 // CNNVD: CNNVD-201611-350

SOURCES

db: VULHUB, id: VHN-96631
db: BID, id: 94248
db: JVNDB, id: JVNDB-2016-000219
db: CNNVD, id: CNNVD-201611-350
db: NVD, id: CVE-2016-7811

LAST UPDATE DATE

2025-04-20T23:25:01.772000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-96631, date: 2017-06-16T00:00:00
db: BID, id: 94248, date: 2016-11-24T01:09:00
db: JVNDB, id: JVNDB-2016-000219, date: 2018-01-17T00:00:00
db: CNNVD, id: CNNVD-201611-350, date: 2017-06-12T00:00:00
db: NVD, id: CVE-2016-7811, date: 2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db: VULHUB, id: VHN-96631, date: 2017-06-09T00:00:00
db: BID, id: 94248, date: 2016-11-10T00:00:00
db: JVNDB, id: JVNDB-2016-000219, date: 2016-11-11T00:00:00
db: CNNVD, id: CNNVD-201611-350, date: 2016-11-17T00:00:00
db: NVD, id: CVE-2016-7811, date: 2017-06-09T16:29:00.657