Sign-up

ID

VAR-201806-0914


CVE

CVE-2018-11681


TITLE

RadioRA 2 Lutron integration Vulnerabilities related to the use of hard-coded credentials in products that use protocols

Trust: 0.8

sources: JVNDB: JVNDB-2018-006142

DESCRIPTION

Default and unremovable support credentials (user:nwk password:nwk2) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine. RadioRA 2 Lutron integration Products that use the protocol are vulnerable to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Lutron Electronics radioRA2 and so on are a set of lighting control systems of Lutron Electronics (Lutron Electronics) in the United States. A trust management issue vulnerability exists in Lutron radioRA2, stanza, and HomeworkQS due to the user's inability to disable the default hard-coded credentials in products using this protocol. An attacker could exploit this vulnerability to take control of the device through a TELNET session

Trust: 1.8

sources: NVD: CVE-2018-11681 // JVNDB: JVNDB-2018-006142 // VULHUB: VHN-121565 // VULMON: CVE-2018-11681

AFFECTED PRODUCTS

vendor:lutronmodel:radiora 2scope:eqversion: -

Trust: 1.6

vendor:lutronmodel:stanzascope:eqversion: -

Trust: 1.6

vendor:lutronmodel:homeworks qsscope:eqversion: -

Trust: 1.6

vendor:lutronmodel:homeworks qsscope: - version: -

Trust: 0.8

vendor:lutronmodel:radiora 2scope: - version: -

Trust: 0.8

vendor:lutronmodel:stanzascope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2018-006142 // CNNVD: CNNVD-201806-002 // NVD: CVE-2018-11681

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-11681
value: CRITICAL

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2018-11681
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-11681
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201806-002
value: CRITICAL

Trust: 0.6

VULHUB: VHN-121565
value: HIGH

Trust: 0.1

VULMON: CVE-2018-11681
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-11681
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-121565
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-11681
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 1.8

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2018-11681
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-121565 // VULMON: CVE-2018-11681 // JVNDB: JVNDB-2018-006142 // CNNVD: CNNVD-201806-002 // NVD: CVE-2018-11681 // NVD: CVE-2018-11681

PROBLEMTYPE DATA

problemtype:CWE-798

Trust: 1.9

sources: VULHUB: VHN-121565 // JVNDB: JVNDB-2018-006142 // NVD: CVE-2018-11681

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-002

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201806-002

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-006142

PATCH
title:Top Pageurl:http://www.lutron.com/en-US/Pages/default.aspx
Trust: 0.8
title:Exploitsurl:https://github.com/SadFud/Exploits 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2018-11681 // 
            
            
            
            JVNDB: JVNDB-2018-006142

EXTERNAL IDS
db:NVDid:CVE-2018-11681
Trust: 2.6
db:JVNDBid:JVNDB-2018-006142
Trust: 0.8
db:CNNVDid:CNNVD-201806-002
Trust: 0.7
db:SEEBUGid:SSVID-97786
Trust: 0.1
db:VULHUBid:VHN-121565
Trust: 0.1
db:VULMONid:CVE-2018-11681
Trust: 0.1
sources:
            
            
            VULHUB: VHN-121565 // 
            
            
            
            VULMON: CVE-2018-11681 // 
            
            
            
            JVNDB: JVNDB-2018-006142 // 
            
            
            
            CNNVD: CNNVD-201806-002 // 
            
            
            
            NVD: CVE-2018-11681

REFERENCES
url:http://sadfud.me/explotos/cve-2018-11629
Trust: 2.6
url:https://reversecodes.wordpress.com/2018/06/02/0-day-tomando-el-control-de-las-instalaciones-de-la-nasa-en-cabo-canaveral/
Trust: 2.6
url:http://www.lutron.com/technicaldocumentlibrary/040249.pdf
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11681
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-11681
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/798.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/sadfud/exploits
Trust: 0.1
sources:
            
            
            VULHUB: VHN-121565 // 
            
            
            
            VULMON: CVE-2018-11681 // 
            
            
            
            JVNDB: JVNDB-2018-006142 // 
            
            
            
            CNNVD: CNNVD-201806-002 // 
            
            
            
            NVD: CVE-2018-11681

SOURCES
db:VULHUBid:VHN-121565
db:VULMONid:CVE-2018-11681
db:JVNDBid:JVNDB-2018-006142
db:CNNVDid:CNNVD-201806-002
db:NVDid:CVE-2018-11681

LAST UPDATE DATE
2024-11-23T21:38:50.125000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-121565date:2019-06-27T00:00:00
db:VULMONid:CVE-2018-11681date:2019-06-27T00:00:00
db:JVNDBid:JVNDB-2018-006142date:2018-08-08T00:00:00
db:CNNVDid:CNNVD-201806-002date:2019-07-05T00:00:00
db:NVDid:CVE-2018-11681date:2024-11-21T03:43:48.363

SOURCES RELEASE DATE
db:VULHUBid:VHN-121565date:2018-06-02T00:00:00
db:VULMONid:CVE-2018-11681date:2018-06-02T00:00:00
db:JVNDBid:JVNDB-2018-006142date:2018-08-08T00:00:00
db:CNNVDid:CNNVD-201806-002date:2018-06-02T00:00:00
db:NVDid:CVE-2018-11681date:2018-06-02T13:29:00.277