Details of VAR-201809-0315

ID

VAR-201809-0315

CVE

CVE-2018-17178

TITLE

Neato Botvac Connected Authorization vulnerabilities in devices

Trust: 0.8

sources: JVNDB: JVNDB-2018-011489

DESCRIPTION

An issue was discovered on Neato Botvac Connected 2.2.0 devices. They execute unauthenticated manual drive commands (sent to /bin/webserver on port 8081) if they already have an active session. Commands like forward, back, arc-left, arc-right, pivot-left, and pivot-right are executed even though the web socket replies with { "message" : "invalid authorization header" }. Without an active session, commands are still interpreted, but (except for eco-on and eco-off) have no effect, since without active driving, a driving direction does not change anything

Trust: 1.71

sources: NVD: CVE-2018-17178 // JVNDB: JVNDB-2018-011489 // VULHUB: VHN-127611

AFFECTED PRODUCTS

vendor:	neatorobotics	model:	botvac d3 connected	scope:	eq	version:	2.2.0	Trust: 1.0
vendor:	neatorobotics	model:	botvac d6 connected	scope:	eq	version:	2.2.0	Trust: 1.0
vendor:	neatorobotics	model:	botvac d7 connected	scope:	eq	version:	2.2.0	Trust: 1.0
vendor:	neatorobotics	model:	botvac d4 connected	scope:	eq	version:	2.2.0	Trust: 1.0
vendor:	neatorobotics	model:	botvac d5 connected	scope:	eq	version:	2.2.0	Trust: 1.0
vendor:	neato robotics	model:	botvac d3 connected	scope:	eq	version:	2.2.0	Trust: 0.8
vendor:	neato robotics	model:	botvac d4 connected	scope:	eq	version:	2.2.0	Trust: 0.8
vendor:	neato robotics	model:	botvac d5 connected	scope:	eq	version:	2.2.0	Trust: 0.8
vendor:	neato robotics	model:	botvac d6 connected	scope:	eq	version:	2.2.0	Trust: 0.8
vendor:	neato robotics	model:	botvac d7 connected	scope:	eq	version:	2.2.0	Trust: 0.8
vendor:	neato	model:	botvac d3 connected	scope:	eq	version:	2.2.0	Trust: 0.6
vendor:	neato	model:	botvac d6 connected	scope:	eq	version:	2.2.0	Trust: 0.6
vendor:	neato	model:	botvac d4 connected	scope:	eq	version:	2.2.0	Trust: 0.6
vendor:	neato	model:	botvac d7 connected	scope:	eq	version:	2.2.0	Trust: 0.6
vendor:	neato	model:	botvac d5 connected	scope:	eq	version:	2.2.0	Trust: 0.6

sources: JVNDB: JVNDB-2018-011489 // CNNVD: CNNVD-201809-805 // NVD: CVE-2018-17178

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-17178
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-17178
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201809-805
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-127611
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2018-17178
severity:	LOW
baseScore:	2.9
vectorString:	AV:A/AC:M/AU:N/C:N/I:P/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	5.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-127611
severity:	LOW
baseScore:	2.9
vectorString:	AV:A/AC:M/AU:N/C:N/I:P/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	5.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-17178
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.6
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2018-17178
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	ADJACENT NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-127611 // JVNDB: JVNDB-2018-011489 // CNNVD: CNNVD-201809-805 // NVD: CVE-2018-17178

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-285	Trust: 0.9

sources: VULHUB: VHN-127611 // JVNDB: JVNDB-2018-011489 // NVD: CVE-2018-17178

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201809-805

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201809-805

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011489

PATCH

title:

トップページ

url:

https://www.neatorobotics.com/jp/ja/

Trust: 0.8

sources: JVNDB: JVNDB-2018-011489

EXTERNAL IDS

db:	NVD	id:	CVE-2018-17178	Trust: 2.5
db:	JVNDB	id:	JVNDB-2018-011489	Trust: 0.8
db:	CNNVD	id:	CNNVD-201809-805	Trust: 0.7
db:	VULHUB	id:	VHN-127611	Trust: 0.1

sources: VULHUB: VHN-127611 // JVNDB: JVNDB-2018-011489 // CNNVD: CNNVD-201809-805 // NVD: CVE-2018-17178

REFERENCES

url:	https://media.ccc.de/v/2018-124-pinky-brain-are-taking-over-the-world-with-vacuum-cleaners	Trust: 2.5
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-17178	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-17178	Trust: 0.8

sources: VULHUB: VHN-127611 // JVNDB: JVNDB-2018-011489 // CNNVD: CNNVD-201809-805 // NVD: CVE-2018-17178

SOURCES

db:	VULHUB	id:	VHN-127611
db:	JVNDB	id:	JVNDB-2018-011489
db:	CNNVD	id:	CNNVD-201809-805
db:	NVD	id:	CVE-2018-17178

LAST UPDATE DATE

2024-11-23T22:41:41.586000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-127611	date:	2019-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2018-011489	date:	2019-01-15T00:00:00
db:	CNNVD	id:	CNNVD-201809-805	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2018-17178	date:	2024-11-21T03:54:01.510

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-127611	date:	2018-09-18T00:00:00
db:	JVNDB	id:	JVNDB-2018-011489	date:	2019-01-15T00:00:00
db:	CNNVD	id:	CNNVD-201809-805	date:	2018-09-19T00:00:00
db:	NVD	id:	CVE-2018-17178	date:	2018-09-18T18:29:09.600