Sign-up

ID

VAR-201810-1617


TITLE

Command execution vulnerability in Deep firewall device

Trust: 0.6

sources: CNVD: CNVD-2018-11825

DESCRIPTION

Hangzhou DPtech Co., Ltd. (referred to as DPtech) is a high-tech enterprise integrating R & D, production and sales in the field of network security and application delivery. DPtech's mission is to "make the network simpler, smarter and more secure", and continue to innovate to provide customers with leading products and solutions. Command execution vulnerabilities exist in the IPsec firewall's IPS2000-MC-N and FW1000-GC-N versions. Attackers can use this vulnerability to construct specific code and execute commands remotely.

Trust: 0.6

sources: CNVD: CNVD-2018-11825

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-11825

AFFECTED PRODUCTS

vendor:dptechmodel:fw1000-gc-nscope: - version: -

Trust: 0.6

vendor:dptechmodel:dpip firewall ips2000-mc-nscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2018-11825

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2018-11825
value: LOW

Trust: 0.6

CNVD: CNVD-2018-11825
severity: LOW
baseScore: 3.3
vectorString: AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.5
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2018-11825

PATCH

title:Command execution vulnerability in Deep firewallurl:https://www.cnvd.org.cn/patchinfo/show/131629

Trust: 0.6

sources: CNVD: CNVD-2018-11825

EXTERNAL IDS

db:CNVDid:CNVD-2018-11825

Trust: 0.6

sources: CNVD: CNVD-2018-11825

SOURCES

db:CNVDid:CNVD-2018-11825

LAST UPDATE DATE

2022-05-04T09:38:57.743000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-11825date:2018-08-02T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2018-11825date:2018-10-26T00:00:00