Sign-up

ID

VAR-201806-0950


CVE

CVE-2018-11629


TITLE

Stanza Vulnerabilities related to the use of hard-coded credentials

Trust: 0.8

sources: JVNDB: JVNDB-2018-006143

DESCRIPTION

Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not being a vulnerability because what can be done through the ports revolve around controlling lighting, not code execution. A certain set of commands are listed, which bear some similarity to code, but they are not arbitrary and do not allow admin-level control of a machine. HomeWorks QS Lutron integration Products that use the protocol are vulnerable to the use of hard-coded credentials.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Lutron Electronics radioRA2 and so on are a set of lighting control systems of Lutron Electronics of the United States. There is a trust management vulnerability in Lutron radioRA2, stanza, and HomeworkQS, which originates from the program with default credentials that cannot be removed (user: lutron, password: integration). An attacker could use this vulnerability to control IoT devices as a superuser

Trust: 3.96

sources: NVD: CVE-2018-11629 // JVNDB: JVNDB-2018-006143 // JVNDB: JVNDB-2018-006142 // JVNDB: JVNDB-2018-006141 // CNNVD: CNNVD-201806-003 // VULHUB: VHN-121507 // VULHUB: VHN-121565 // VULHUB: VHN-121566 // VULMON: CVE-2018-11629

AFFECTED PRODUCTS

vendor:lutronmodel:homeworks qsscope: - version: -

Trust: 2.4

vendor:lutronmodel:radiora 2scope: - version: -

Trust: 2.4

vendor:lutronmodel:stanzascope: - version: -

Trust: 2.4

vendor:lutronmodel:radiora 2scope:eqversion: -

Trust: 1.6

vendor:lutronmodel:stanzascope:eqversion: -

Trust: 1.6

vendor:lutronmodel:homeworks qsscope:eqversion: -

Trust: 1.6

sources: JVNDB: JVNDB-2018-006143 // JVNDB: JVNDB-2018-006142 // JVNDB: JVNDB-2018-006141 // CNNVD: CNNVD-201806-003 // NVD: CVE-2018-11629

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2018-11629
value: CRITICAL

Trust: 2.4

nvd@nist.gov: CVE-2018-11629
value: CRITICAL

Trust: 1.0

CNNVD: CNNVD-201806-003
value: CRITICAL

Trust: 0.6

VULHUB: VHN-121507
value: HIGH

Trust: 0.1

VULHUB: VHN-121565
value: HIGH

Trust: 0.1

VULHUB: VHN-121566
value: HIGH

Trust: 0.1

VULMON: CVE-2018-11629
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-11629
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 3.5

VULHUB: VHN-121507
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

VULHUB: VHN-121565
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

VULHUB: VHN-121566
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-11629
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.0

Trust: 3.4

sources: VULHUB: VHN-121507 // VULHUB: VHN-121565 // VULHUB: VHN-121566 // VULMON: CVE-2018-11629 // JVNDB: JVNDB-2018-006143 // JVNDB: JVNDB-2018-006142 // JVNDB: JVNDB-2018-006141 // CNNVD: CNNVD-201806-003 // NVD: CVE-2018-11629

PROBLEMTYPE DATA

problemtype:CWE-798

Trust: 3.7

sources: VULHUB: VHN-121507 // VULHUB: VHN-121565 // VULHUB: VHN-121566 // JVNDB: JVNDB-2018-006143 // JVNDB: JVNDB-2018-006142 // JVNDB: JVNDB-2018-006141 // NVD: CVE-2018-11629

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201806-003

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201806-003

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-006143

PATCH
title:Top Pageurl:http://www.lutron.com/en-US/Pages/default.aspx
Trust: 2.4
title:Exploitsurl:https://github.com/SadFud/Exploits 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2018-11629 // 
            
            
            
            JVNDB: JVNDB-2018-006143 // 
            
            
            
            JVNDB: JVNDB-2018-006142 // 
            
            
            
            JVNDB: JVNDB-2018-006141

EXTERNAL IDS
db:NVDid:CVE-2018-11629
Trust: 4.4
db:JVNDBid:JVNDB-2018-006143
Trust: 0.8
db:JVNDBid:JVNDB-2018-006142
Trust: 0.8
db:JVNDBid:JVNDB-2018-006141
Trust: 0.8
db:CNNVDid:CNNVD-201806-003
Trust: 0.7
db:SEEBUGid:SSVID-97783
Trust: 0.1
db:VULHUBid:VHN-121507
Trust: 0.1
db:CNNVDid:CNNVD-201806-002
Trust: 0.1
db:SEEBUGid:SSVID-97786
Trust: 0.1
db:VULHUBid:VHN-121565
Trust: 0.1
db:CNNVDid:CNNVD-201806-001
Trust: 0.1
db:SEEBUGid:SSVID-97787
Trust: 0.1
db:VULHUBid:VHN-121566
Trust: 0.1
db:VULMONid:CVE-2018-11629
Trust: 0.1
sources:
            
            
            VULHUB: VHN-121507 // 
            
            
            
            VULHUB: VHN-121565 // 
            
            
            
            VULHUB: VHN-121566 // 
            
            
            
            VULMON: CVE-2018-11629 // 
            
            
            
            JVNDB: JVNDB-2018-006143 // 
            
            
            
            JVNDB: JVNDB-2018-006142 // 
            
            
            
            JVNDB: JVNDB-2018-006141 // 
            
            
            
            CNNVD: CNNVD-201806-003 // 
            
            
            
            NVD: CVE-2018-11629

REFERENCES
url:http://sadfud.me/explotos/cve-2018-11629
Trust: 4.4
url:https://reversecodes.wordpress.com/2018/06/02/0-day-tomando-el-control-de-las-instalaciones-de-la-nasa-en-cabo-canaveral/
Trust: 4.4
url:http://www.lutron.com/technicaldocumentlibrary/040249.pdf
Trust: 2.0
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11682
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-11682
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11681
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-11681
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-11629
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-11629
Trust: 0.8
url:https://cwe.mitre.org/data/definitions/798.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://github.com/sadfud/exploits
Trust: 0.1
sources:
            
            
            VULHUB: VHN-121507 // 
            
            
            
            VULHUB: VHN-121565 // 
            
            
            
            VULHUB: VHN-121566 // 
            
            
            
            VULMON: CVE-2018-11629 // 
            
            
            
            JVNDB: JVNDB-2018-006143 // 
            
            
            
            JVNDB: JVNDB-2018-006142 // 
            
            
            
            JVNDB: JVNDB-2018-006141 // 
            
            
            
            CNNVD: CNNVD-201806-003 // 
            
            
            
            NVD: CVE-2018-11629

SOURCES
db:VULHUBid:VHN-121507
db:VULHUBid:VHN-121565
db:VULHUBid:VHN-121566
db:VULMONid:CVE-2018-11629
db:JVNDBid:JVNDB-2018-006143
db:JVNDBid:JVNDB-2018-006142
db:JVNDBid:JVNDB-2018-006141
db:CNNVDid:CNNVD-201806-003
db:NVDid:CVE-2018-11629

LAST UPDATE DATE
2024-11-23T21:38:50.157000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-121507date:2019-06-27T00:00:00
db:VULHUBid:VHN-121565date:2019-06-27T00:00:00
db:VULHUBid:VHN-121566date:2019-06-27T00:00:00
db:VULMONid:CVE-2018-11629date:2019-06-27T00:00:00
db:JVNDBid:JVNDB-2018-006143date:2018-08-08T00:00:00
db:JVNDBid:JVNDB-2018-006142date:2018-08-08T00:00:00
db:JVNDBid:JVNDB-2018-006141date:2018-08-08T00:00:00
db:CNNVDid:CNNVD-201806-003date:2019-07-05T00:00:00
db:NVDid:CVE-2018-11629date:2024-11-21T03:43:43.870

SOURCES RELEASE DATE
db:VULHUBid:VHN-121507date:2018-06-02T00:00:00
db:VULHUBid:VHN-121565date:2018-06-02T00:00:00
db:VULHUBid:VHN-121566date:2018-06-02T00:00:00
db:VULMONid:CVE-2018-11629date:2018-06-02T00:00:00
db:JVNDBid:JVNDB-2018-006143date:2018-08-08T00:00:00
db:JVNDBid:JVNDB-2018-006142date:2018-08-08T00:00:00
db:JVNDBid:JVNDB-2018-006141date:2018-08-08T00:00:00
db:CNNVDid:CNNVD-201806-003date:2018-06-02T00:00:00
db:NVDid:CVE-2018-11629date:2018-06-02T13:29:00.230