ID

VAR-201901-0743


CVE

CVE-2018-0639


TITLE

NEC Aterm HC100RC Operating System Command Injection Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2019-01317 // CNNVD: CNNVD-201901-254

DESCRIPTION

Aterm HC100RC Ver1.0.1 and earlier allows an attacker with administrator rights to execute arbitrary OS commands via the date, time, and offset parameters of tools_firmware.cgi.

Aterm HC100RC provided by NEC Corporation contains the multiple vulnerabilities listed below.

* OS Command Injection (CWE-78) - CVE-2018-0634, CVE-2018-0635, CVE-2018-0636, CVE-2018-0637, CVE-2018-0638, CVE-2018-0639
* Buffer Overflow (CWE-119) - CVE-2018-0640, CVE-2018-0641

Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

* A user who can access the product with administrative privileges may execute an arbitrary OS command. - CVE-2018-0634, CVE-2018-0635, CVE-2018-0636, CVE-2018-0637, CVE-2018-0638, CVE-2018-0639
* A user who can access the product with administrative privileges may execute arbitrary code. - CVE-2018-0640, CVE-2018-0641

The NEC Aterm HC100RC is a network camera from NEC. An operating system command injection vulnerability exists in the NEC Aterm HC100RC with firmware version 1.0.1 and earlier. An attacker can use the ‘date’, ‘time’, and ‘offset’ parameters to execute any operating system command.

Trust: 2.16

sources: NVD: CVE-2018-0639 // JVNDB: JVNDB-2018-000077 // CNVD: CNVD-2019-01317

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-01317

AFFECTED PRODUCTS

vendor: nec, model: aterm hc100rc, scope: lte, version: 1.0.1

Trust: 1.0

vendor: nec, model: aterm hc100rc, scope: lte, version: camera firmware ver1.0.1

Trust: 0.8

vendor: nec, model: aterm hc100rc, scope: lte, version: <=1.0.1

Trust: 0.6

vendor: nec, model: aterm hc100rc, scope: eq, version: 1.0.1

Trust: 0.6

sources: CNVD: CNVD-2019-01317 // JVNDB: JVNDB-2018-000077 // CNNVD: CNNVD-201901-254 // NVD: CVE-2018-0639

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA: JVNDB-2018-000077
value: MEDIUM

Trust: 1.6

nvd@nist.gov: CVE-2018-0639
value: HIGH

Trust: 1.0

CNVD: CNVD-2019-01317
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201901-254
value: CRITICAL

Trust: 0.6

IPA: JVNDB-2018-000077
severity: MEDIUM
baseScore: 5.2
vectorString: AV:A/AC:L/AU:S/C:P/I:P/A:P
accessVector: ADJACENT NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.6

nvd@nist.gov: CVE-2018-0639
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2019-01317
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IPA: JVNDB-2018-000077
baseSeverity: MEDIUM
baseScore: 6.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 1.6

nvd@nist.gov: CVE-2018-0639
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.2
impactScore: 5.9
version: 3.0

Trust: 1.0

sources: CNVD: CNVD-2019-01317 // JVNDB: JVNDB-2018-000077 // JVNDB: JVNDB-2018-000077 // CNNVD: CNNVD-201901-254 // NVD: CVE-2018-0639

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.8

problemtype:CWE-119

Trust: 0.8

sources: JVNDB: JVNDB-2018-000077 // NVD: CVE-2018-0639

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201901-254

TYPE

operating system command injection

Trust: 0.6

sources: CNNVD: CNNVD-201901-254

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-000077

PATCH

title: NV18-011, url: https://jpn.nec.com/security-info/secinfo/nv18-011.html

Trust: 0.8

title: NECAtermHC100RC operating system command injection vulnerability patch, url: https://www.cnvd.org.cn/patchInfo/show/149727

Trust: 0.6

title: NEC Aterm HC100RC Fixes for operating system command injection vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88438

Trust: 0.6

sources: CNVD: CNVD-2019-01317 // JVNDB: JVNDB-2018-000077 // CNNVD: CNNVD-201901-254

EXTERNAL IDS

db: NVD, id: CVE-2018-0639

Trust: 3.0

db: JVN, id: JVN84825660

Trust: 3.0

db: JVNDB, id: JVNDB-2018-000077

Trust: 0.8

db: CNVD, id: CNVD-2019-01317

Trust: 0.6

db: CNNVD, id: CNNVD-201901-254

Trust: 0.6

sources: CNVD: CNVD-2019-01317 // JVNDB: JVNDB-2018-000077 // CNNVD: CNNVD-201901-254 // NVD: CVE-2018-0639

REFERENCES

url:https://jvn.jp/en/jp/jvn84825660/index.html

Trust: 3.0

url:https://jpn.nec.com/security-info/secinfo/nv18-011.html

Trust: 2.2

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0638

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0639

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0640

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0641

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0634

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0635

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0636

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0637

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0637

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0638

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0639

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0640

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0641

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0634

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0635

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0636

Trust: 0.8

sources: CNVD: CNVD-2019-01317 // JVNDB: JVNDB-2018-000077 // CNNVD: CNNVD-201901-254 // NVD: CVE-2018-0639

SOURCES

db: CNVD, id: CNVD-2019-01317
db: JVNDB, id: JVNDB-2018-000077
db: CNNVD, id: CNNVD-201901-254
db: NVD, id: CVE-2018-0639

LAST UPDATE DATE

2024-11-23T21:37:45.395000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2019-01317, date: 2019-01-14T00:00:00
db: JVNDB, id: JVNDB-2018-000077, date: 2019-08-27T00:00:00
db: CNNVD, id: CNNVD-201901-254, date: 2019-01-10T00:00:00
db: NVD, id: CVE-2018-0639, date: 2024-11-21T03:38:38.573

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2019-01317, date: 2019-01-11T00:00:00
db: JVNDB, id: JVNDB-2018-000077, date: 2018-07-12T00:00:00
db: CNNVD, id: CNNVD-201901-254, date: 2019-01-10T00:00:00
db: NVD, id: CVE-2018-0639, date: 2019-01-09T23:29:01.153