Sign-up

ID

VAR-201803-2365


TITLE

Super User Password Reset Vulnerability in Deep Internet Behavior Management Router

Trust: 0.6

sources: CNVD: CNVD-2018-03947

DESCRIPTION

IP-COM Deep Internet Behavior Management is a network management device that provides network administrators with functions such as user authentication, web filtering, application control, flow control, content filtering, behavior auditing, and VPN. There is a supervisor password reset vulnerability in the Deep Internet Behavior Management Router. Attackers can use this vulnerability to reset the supervisor password and log in to the console to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2018-03947

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-03947

AFFECTED PRODUCTS

vendor:heweishun networkmodel: - scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2018-03947

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2018-03947
value: HIGH

Trust: 0.6

CNVD: CNVD-2018-03947
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2018-03947

PATCH

title:Super User Password Reset Vulnerability in Deep Internet Behavior Management Routerurl:https://www.cnvd.org.cn/patchinfo/show/116459

Trust: 0.6

sources: CNVD: CNVD-2018-03947

EXTERNAL IDS

db:CNVDid:CNVD-2018-03947

Trust: 0.6

sources: CNVD: CNVD-2018-03947

SOURCES

db:CNVDid:CNVD-2018-03947

LAST UPDATE DATE

2022-05-04T09:43:25.553000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-03947date:2018-03-01T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2018-03947date:2018-03-28T00:00:00