ID

VAR-201903-1224


CVE

CVE-2018-3969


TITLE

CUJO Smart Firewall Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015146

DESCRIPTION

An exploitable vulnerability exists in the verified boot protection of the CUJO Smart Firewall. It is possible to add arbitrary shell commands into the dhcpd.conf file that persist across reboots and firmware updates and thus allow unverified commands to be executed. To trigger this vulnerability, a local attacker needs to be able to write into /config/dhcpd.conf. CUJO Smart Firewall contains a command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). A permissions and access control vulnerability exists in the Authentication Boot Protection feature of CUJO Smart Firewall firmware version 7003.

Trust: 2.25

sources: NVD: CVE-2018-3969 // JVNDB: JVNDB-2018-015146 // CNVD: CNVD-2019-07792 // VULHUB: VHN-134000

IOT TAXONOMY

category: ['ICS', 'Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-07792

AFFECTED PRODUCTS

vendor: getcujo, model: smart firewall, scope: eq, version: 7003

Trust: 1.0

vendor: cujo ai, model: smart firewall, scope: -, version: -

Trust: 0.8

vendor: cujo, model: smart firewall, scope: eq, version: 7003

Trust: 0.6

sources: CNVD: CNVD-2019-07792 // JVNDB: JVNDB-2018-015146 // NVD: CVE-2018-3969

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-3969
value: HIGH

Trust: 1.0

talos-cna@cisco.com: CVE-2018-3969
value: HIGH

Trust: 1.0

NVD: CVE-2018-3969
value: HIGH

Trust: 0.8

CNVD: CNVD-2019-07792
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201903-656
value: HIGH

Trust: 0.6

VULHUB: VHN-134000
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-3969
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2019-07792
severity: MEDIUM
baseScore: 4.6
vectorString: AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-134000
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-3969
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

talos-cna@cisco.com: CVE-2018-3969
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.5
impactScore: 6.0
version: 3.0

Trust: 1.0

NVD: CVE-2018-3969
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2019-07792 // VULHUB: VHN-134000 // JVNDB: JVNDB-2018-015146 // CNNVD: CNNVD-201903-656 // NVD: CVE-2018-3969 // NVD: CVE-2018-3969

PROBLEMTYPE DATA

problemtype: CWE-78

Trust: 1.1

problemtype: CWE-77

Trust: 0.9

sources: VULHUB: VHN-134000 // JVNDB: JVNDB-2018-015146 // NVD: CVE-2018-3969

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201903-656

TYPE

operating system command injection

Trust: 0.6

sources: CNNVD: CNNVD-201903-656

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-015146

PATCH

title: Top Page, url: https://www.getcujo.com/

Trust: 0.8

sources: JVNDB: JVNDB-2018-015146

EXTERNAL IDS

db: NVD, id: CVE-2018-3969

Trust: 3.1

db: TALOS, id: TALOS-2018-0634

Trust: 3.1

db: JVNDB, id: JVNDB-2018-015146

Trust: 0.8

db: CNNVD, id: CNNVD-201903-656

Trust: 0.7

db: CNVD, id: CNVD-2019-07792

Trust: 0.6

db: NSFOCUS, id: 43008

Trust: 0.6

db: VULHUB, id: VHN-134000

Trust: 0.1

sources: CNVD: CNVD-2019-07792 // VULHUB: VHN-134000 // JVNDB: JVNDB-2018-015146 // CNNVD: CNNVD-201903-656 // NVD: CVE-2018-3969

REFERENCES

url: https://talosintelligence.com/vulnerability_reports/talos-2018-0634

Trust: 2.5

url: https://nvd.nist.gov/vuln/detail/cve-2018-3969

Trust: 1.4

url: https://www.talosintelligence.com/vulnerability_reports/talos-2018-0634

Trust: 1.2

url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3969

Trust: 0.8

url: http://www.nsfocus.net/vulndb/43008

Trust: 0.6

sources: CNVD: CNVD-2019-07792 // VULHUB: VHN-134000 // JVNDB: JVNDB-2018-015146 // CNNVD: CNNVD-201903-656 // NVD: CVE-2018-3969

CREDITS

Discovered by Claudio Bozzato, Yves Younan, Aleksandar Nikolic, Martin Zeiser, Marcin 'Icewall' Noga, Lilith Wyatt <(^_^)>, Cory Duplantis, Tyler Bohan of Cisco Talos.

Trust: 0.6

sources: CNNVD: CNNVD-201903-656

SOURCES

db: CNVD, id: CNVD-2019-07792
db: VULHUB, id: VHN-134000
db: JVNDB, id: JVNDB-2018-015146
db: CNNVD, id: CNNVD-201903-656
db: NVD, id: CVE-2018-3969

LAST UPDATE DATE

2024-11-23T22:55:38.356000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2019-07792, date: 2019-03-22T00:00:00
db: VULHUB, id: VHN-134000, date: 2023-02-02T00:00:00
db: JVNDB, id: JVNDB-2018-015146, date: 2019-05-07T00:00:00
db: CNNVD, id: CNNVD-201903-656, date: 2022-04-20T00:00:00
db: NVD, id: CVE-2018-3969, date: 2024-11-21T04:06:24.373

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2019-07792, date: 2019-03-22T00:00:00
db: VULHUB, id: VHN-134000, date: 2019-03-21T00:00:00
db: JVNDB, id: JVNDB-2018-015146, date: 2019-05-07T00:00:00
db: CNNVD, id: CNNVD-201903-656, date: 2019-03-19T00:00:00
db: NVD, id: CVE-2018-3969, date: 2019-03-21T16:29:01.597