Details of VAR-201807-0126

ID

VAR-201807-0126

CVE

CVE-2016-9494

TITLE

Hughes satellite modems contain multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#614751

DESCRIPTION

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service. Hughes Network Systems, LLC Multiple broadband satellite modems offered by are vulnerable to the following multiple vulnerabilities: * Incorrect input value validation (CWE-20) - CVE-2016-9494 * Problems with hard-coded credentials (CWE-798) - CVE-2016-9495 * The problem of lack of authentication for important functions (CWE-306) - CVE-2016-9496 * Avoiding authentication through another channel or path (CWE-288) - CVE-2016-9497Denial of service operation of the device by a remote third party (DoS) An attack could be performed, the device could be restarted, or an arbitrary command could be executed on the device. Multiple Hughes Satellite Modems are prone to the following security vulnerabilities: 1. Multiple denial-of-service vulnerabilities 2. A hard-coded credentials vulnerability 3. An authentication bypass vulnerability An attacker can exploit these issues to gain access to bypass certain security restrictions and obtain potentially sensitive information, perform unauthorized actions, or cause denial-of-service condition on the affected device. Other attacks are also possible. The following products are vulnerable: HN7740S DW7000 HN7000S/SM. Hughes satellite is a set of solutions for satellite broadband services from Hughes Corporation of the United States. HN7740S, DW7000 and HN7000S/SM are the modems used in it. An attacker could exploit this vulnerability by sending a specially crafted GET request to cause a denial of service. The following products and versions are affected: Hughes HN7740S with firmware version 6.9.0.34; DW7000 with firmware version 6.9.0.34; HN7000S/SM with firmware version 6.9.0.34

Trust: 2.7

sources: NVD: CVE-2016-9494 // CERT/CC: VU#614751 // JVNDB: JVNDB-2016-008414 // BID: 96244 // VULHUB: VHN-98314

AFFECTED PRODUCTS

vendor:	hughes	model:	hn7000sm	scope:	eq	version:	6.9.0.34	Trust: 1.6
vendor:	hughes	model:	dw7000	scope:	eq	version:	6.9.0.34	Trust: 1.6
vendor:	hughes	model:	hn7000s	scope:	eq	version:	6.9.0.34	Trust: 1.6
vendor:	hughes	model:	hn7740s	scope:	eq	version:	6.9.0.34	Trust: 1.6
vendor:	hughes network	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	kontron s t	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	hughes network	model:	dw7000	scope:	-	version:	-	Trust: 0.8
vendor:	hughes network	model:	hn7000s/sm	scope:	-	version:	-	Trust: 0.8
vendor:	hughes network	model:	hn7740s	scope:	-	version:	-	Trust: 0.8
vendor:	hughes	model:	hn7740s	scope:	eq	version:	0	Trust: 0.3
vendor:	hughes	model:	hn7000s/sm	scope:	eq	version:	0	Trust: 0.3
vendor:	hughes	model:	dw7000	scope:	eq	version:	0	Trust: 0.3
vendor:	hughes	model:	hn7740s	scope:	ne	version:	6.9.0.34	Trust: 0.3
vendor:	hughes	model:	hn7000s/sm	scope:	ne	version:	6.9.0.34	Trust: 0.3
vendor:	hughes	model:	dw7000	scope:	ne	version:	6.9.0.34	Trust: 0.3

sources: CERT/CC: VU#614751 // BID: 96244 // JVNDB: JVNDB-2016-008414 // NVD: CVE-2016-9494 // CNNVD: CNNVD-201702-605

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2016-9494
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-201702-605
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-98314
value:	LOW
Trust: 0.1

NVD:
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
VULHUB:	VHN-98314
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:P
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

NVD:
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	ADJACENT_NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.0

sources: VULHUB: VHN-98314 // NVD: CVE-2016-9494 // CNNVD: CNNVD-201702-605

PROBLEMTYPE DATA

problemtype:	CWE-20	Trust: 1.9
problemtype:	CWE-798	Trust: 0.8
problemtype:	CWE-306	Trust: 0.8
problemtype:	CWE-288	Trust: 0.8

sources: VULHUB: VHN-98314 // JVNDB: JVNDB-2016-008414 // NVD: CVE-2016-9494

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201702-605

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201702-605

CONFIGURATIONS

sources: NVD: CVE-2016-9494

PATCH

title:	Broadband Satellite Modems, Routers, and Appliances	url:	https://www.hughes.com/technologies/broadband-satellite-systems/hn-systems	Trust: 0.8
title:	Multiple Hughes satellite modems Fixes for product input validation vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68210	Trust: 0.6

sources: JVNDB: JVNDB-2016-008414 // CNNVD: CNNVD-201702-605

EXTERNAL IDS

db:	CERT/CC	id:	VU#614751	Trust: 3.6
db:	NVD	id:	CVE-2016-9494	Trust: 2.8
db:	BID	id:	96244	Trust: 2.0
db:	JVN	id:	JVNVU93522863	Trust: 0.8
db:	JVNDB	id:	JVNDB-2016-008414	Trust: 0.8
db:	CNNVD	id:	CNNVD-201702-605	Trust: 0.7
db:	VULHUB	id:	VHN-98314	Trust: 0.1

sources: CERT/CC: VU#614751 // VULHUB: VHN-98314 // BID: 96244 // JVNDB: JVNDB-2016-008414 // NVD: CVE-2016-9494 // CNNVD: CNNVD-201702-605

REFERENCES

url:	https://www.kb.cert.org/vuls/id/614751	Trust: 2.5
url:	https://www.securityfocus.com/bid/96244	Trust: 1.7
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9495	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9496	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9497	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9494	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu93522863/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-9497	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-9494	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-9495	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2016-9496	Trust: 0.8
url:	http://www.hughes.com	Trust: 0.3
url:	http://www.kb.cert.org/vuls/id/614751	Trust: 0.3

sources: CERT/CC: VU#614751 // VULHUB: VHN-98314 // BID: 96244 // JVNDB: JVNDB-2016-008414 // NVD: CVE-2016-9494 // CNNVD: CNNVD-201702-605

CREDITS

anonymous

Trust: 0.3

sources: BID: 96244

SOURCES

db:	CERT/CC	id:	VU#614751
db:	VULHUB	id:	VHN-98314
db:	BID	id:	96244
db:	JVNDB	id:	JVNDB-2016-008414
db:	NVD	id:	CVE-2016-9494
db:	CNNVD	id:	CNNVD-201702-605

LAST UPDATE DATE

2023-12-18T12:50:39.297000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#614751	date:	2018-02-27T00:00:00
db:	VULHUB	id:	VHN-98314	date:	2019-10-09T00:00:00
db:	BID	id:	96244	date:	2017-03-07T04:02:00
db:	JVNDB	id:	JVNDB-2016-008414	date:	2017-05-17T00:00:00
db:	NVD	id:	CVE-2016-9494	date:	2019-10-09T23:20:32.320
db:	CNNVD	id:	CNNVD-201702-605	date:	2019-10-17T00:00:00

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#614751	date:	2017-02-15T00:00:00
db:	VULHUB	id:	VHN-98314	date:	2018-07-13T00:00:00
db:	BID	id:	96244	date:	2017-02-15T00:00:00
db:	JVNDB	id:	JVNDB-2016-008414	date:	2017-05-17T00:00:00
db:	NVD	id:	CVE-2016-9494	date:	2018-07-13T20:29:01.737
db:	CNNVD	id:	CNNVD-201702-605	date:	2017-02-20T00:00:00