Details of VAR-201802-0673

ID

VAR-201802-0673

CVE

CVE-2018-1164

TITLE

ZyXEL P-870H-51 DSL Router Access control vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-002408

DESCRIPTION

This vulnerability allows remote attackers to cause a denial-of-service condition on vulnerable installations of ZyXEL P-870H-51 DSL Router 1.00(AWG.3)D5. Authentication is not required to exploit this vulnerability. The specific flaw exists within numerous exposed CGI endpoints. The vulnerability is caused by improper access controls that allow access to critical functions without authentication. An attacker can use this vulnerability to reboot affected devices, along with other actions. Was ZDI-CAN-4540. ZyXEL P-870H-51 DSL Router Contains an access control vulnerability. Zero Day Initiative Is vulnerable to this vulnerability ZDI-CAN-4540 Was numbered.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The ZyXELP-870H-51DSLRouter is a wireless router product from ZyXEL Technology. A security vulnerability exists in the exposedCGI endpoint in the ZyXELP-870H-51DSLRouter 1.00 (AWG.3) D5 release, which stems from a failure to properly control access

Trust: 2.97

sources: NVD: CVE-2018-1164 // JVNDB: JVNDB-2018-002408 // ZDI: ZDI-18-135 // CNVD: CNVD-2018-06169 // VULHUB: VHN-121519 // VULMON: CVE-2018-1164

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-06169

AFFECTED PRODUCTS

vendor:	zyxel	model:	p-870h-51	scope:	eq	version:	1.00\(awg.3\)d5	Trust: 1.6
vendor:	zyxel	model:	p-870h-51	scope:	eq	version:	1.00(awg.3)d5	Trust: 0.8
vendor:	zyxel	model:	p-870h-51 dsl router	scope:	-	version:	-	Trust: 0.7
vendor:	zyxel	model:	p-870h-51 dsl router 1.00 d5	scope:	-	version:	-	Trust: 0.6

sources: ZDI: ZDI-18-135 // CNVD: CNVD-2018-06169 // JVNDB: JVNDB-2018-002408 // CNNVD: CNNVD-201802-767 // NVD: CVE-2018-1164

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-1164
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-1164
value:	CRITICAL
Trust: 0.8
ZDI:	CVE-2018-1164
value:	HIGH
Trust: 0.7
CNVD:	CNVD-2018-06169
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201802-767
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-121519
value:	HIGH
Trust: 0.1
VULMON:	CVE-2018-1164
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-1164
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
ZDI:	CVE-2018-1164
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7
CNVD:	CNVD-2018-06169
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-121519
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-1164
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: ZDI: ZDI-18-135 // CNVD: CNVD-2018-06169 // VULHUB: VHN-121519 // VULMON: CVE-2018-1164 // JVNDB: JVNDB-2018-002408 // CNNVD: CNNVD-201802-767 // NVD: CVE-2018-1164

PROBLEMTYPE DATA

problemtype:	CWE-732	Trust: 1.1
problemtype:	CWE-306	Trust: 1.0
problemtype:	CWE-284	Trust: 0.9

sources: VULHUB: VHN-121519 // JVNDB: JVNDB-2018-002408 // NVD: CVE-2018-1164

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201802-767

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201802-767

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-002408

PATCH

title:	Top Page	url:	https://www.zyxel.com/us/en/homepage.shtml	Trust: 0.8
title:	ZyXELP-870H-51DSLRouterCGI Patch for Denial of Service Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/123107	Trust: 0.6

sources: CNVD: CNVD-2018-06169 // JVNDB: JVNDB-2018-002408

EXTERNAL IDS

db:	NVD	id:	CVE-2018-1164	Trust: 3.9
db:	ZDI	id:	ZDI-18-135	Trust: 3.9
db:	JVNDB	id:	JVNDB-2018-002408	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-4540	Trust: 0.7
db:	CNVD	id:	CNVD-2018-06169	Trust: 0.6
db:	CNNVD	id:	CNNVD-201802-767	Trust: 0.6
db:	VULHUB	id:	VHN-121519	Trust: 0.1
db:	VULMON	id:	CVE-2018-1164	Trust: 0.1

REFERENCES

url:	https://zerodayinitiative.com/advisories/zdi-18-135	Trust: 2.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1164	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-1164	Trust: 0.8
url:	https://www.zerodayinitiative.com/advisories/zdi-18-135/	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/732.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2018-06169 // VULHUB: VHN-121519 // VULMON: CVE-2018-1164 // JVNDB: JVNDB-2018-002408 // CNNVD: CNNVD-201802-767 // NVD: CVE-2018-1164

CREDITS

Hubert WS Lin of Trend Micro

Trust: 0.7

sources: ZDI: ZDI-18-135

SOURCES

db:	ZDI	id:	ZDI-18-135
db:	CNVD	id:	CNVD-2018-06169
db:	VULHUB	id:	VHN-121519
db:	VULMON	id:	CVE-2018-1164
db:	JVNDB	id:	JVNDB-2018-002408
db:	CNNVD	id:	CNNVD-201802-767
db:	NVD	id:	CVE-2018-1164

LAST UPDATE DATE

2024-11-23T22:48:46.925000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-18-135	date:	2018-01-23T00:00:00
db:	CNVD	id:	CNVD-2018-06169	date:	2018-03-23T00:00:00
db:	VULHUB	id:	VHN-121519	date:	2019-10-09T00:00:00
db:	VULMON	id:	CVE-2018-1164	date:	2019-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2018-002408	date:	2018-04-11T00:00:00
db:	CNNVD	id:	CNNVD-201802-767	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-1164	date:	2024-11-21T03:59:18.997

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-18-135	date:	2018-01-23T00:00:00
db:	CNVD	id:	CNVD-2018-06169	date:	2018-03-23T00:00:00
db:	VULHUB	id:	VHN-121519	date:	2018-02-21T00:00:00
db:	VULMON	id:	CVE-2018-1164	date:	2018-02-21T00:00:00
db:	JVNDB	id:	JVNDB-2018-002408	date:	2018-04-11T00:00:00
db:	CNNVD	id:	CNNVD-201802-767	date:	2018-03-09T00:00:00
db:	NVD	id:	CVE-2018-1164	date:	2018-02-21T14:29:00.423