Sign-up

ID

VAR-201904-0121


CVE

CVE-2019-9974


TITLE

DASAN H660RM GPON Authorization vulnerability in router firmware

Trust: 0.8

sources: JVNDB: JVNDB-2019-003424

DESCRIPTION

diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to run a ping command via a GET request to enumerate LAN devices or crash the router with a DoS attack. DASAN H660RM GPON There is an authorization vulnerability in the router firmware.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. DASAN H660RM is a GPON optical network terminal equipment produced by Korea DASAN Company. There is an authorization problem vulnerability in the diag_tool.cgi file in DASAN H660RM with firmware version 1.03-0022. This vulnerability stems from the lack of authentication measures or insufficient authentication strength in network systems or products

Trust: 1.71

sources: NVD: CVE-2019-9974 // JVNDB: JVNDB-2019-003424 // VULHUB: VHN-161409

AFFECTED PRODUCTS

vendor:dasannetworksmodel:h660rmscope:eqversion:1.03-0022

Trust: 1.0

vendor:dasanmodel:h660rmscope:eqversion:1.03-0022

Trust: 0.8

sources: JVNDB: JVNDB-2019-003424 // NVD: CVE-2019-9974

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-9974
value: CRITICAL

Trust: 1.0

NVD: CVE-2019-9974
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-201903-1032
value: CRITICAL

Trust: 0.6

VULHUB: VHN-161409
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-9974
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-161409
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-9974
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-161409 // JVNDB: JVNDB-2019-003424 // CNNVD: CNNVD-201903-1032 // NVD: CVE-2019-9974

PROBLEMTYPE DATA

problemtype:CWE-306

Trust: 1.1

problemtype:CWE-862

Trust: 1.1

problemtype:CWE-285

Trust: 0.9

sources: VULHUB: VHN-161409 // JVNDB: JVNDB-2019-003424 // NVD: CVE-2019-9974

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201903-1032

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201903-1032

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-003424

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-161409

PATCH
title:Top Pageurl:http://www.dasannetworks.com/en/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2019-003424

EXTERNAL IDS
db:NVDid:CVE-2019-9974
Trust: 2.5
db:PACKETSTORMid:152232
Trust: 1.7
db:JVNDBid:JVNDB-2019-003424
Trust: 0.8
db:CNNVDid:CNNVD-201903-1032
Trust: 0.7
db:VULHUBid:VHN-161409
Trust: 0.1
sources:
            
            
            VULHUB: VHN-161409 // 
            
            
            
            JVNDB: JVNDB-2019-003424 // 
            
            
            
            CNNVD: CNNVD-201903-1032 // 
            
            
            
            NVD: CVE-2019-9974

REFERENCES
url:https://blog.burghardt.pl/2019/03/diag_tool-cgi-on-dasan-h660rm-devices-with-firmware-1-03-0022-allows-spawning-ping-processes-without-any-authorization-leading-to-information-disclosure-and-dos-attacks/
Trust: 2.5
url:http://packetstormsecurity.com/files/152232/dasan-h660rm-information-disclosure-hardcoded-key.html
Trust: 2.3
url:https://seclists.org/bugtraq/2019/mar/41
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2019-9974
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9974
Trust: 0.8
sources:
            
            
            VULHUB: VHN-161409 // 
            
            
            
            JVNDB: JVNDB-2019-003424 // 
            
            
            
            CNNVD: CNNVD-201903-1032 // 
            
            
            
            NVD: CVE-2019-9974

CREDITS
Krzysztof Burghardt
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201903-1032

SOURCES
db:VULHUBid:VHN-161409
db:JVNDBid:JVNDB-2019-003424
db:CNNVDid:CNNVD-201903-1032
db:NVDid:CVE-2019-9974

LAST UPDATE DATE
2024-11-23T22:12:07.603000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-161409date:2020-08-24T00:00:00
db:JVNDBid:JVNDB-2019-003424date:2019-05-16T00:00:00
db:CNNVDid:CNNVD-201903-1032date:2020-10-28T00:00:00
db:NVDid:CVE-2019-9974date:2024-11-21T04:52:42.743

SOURCES RELEASE DATE
db:VULHUBid:VHN-161409date:2019-04-11T00:00:00
db:JVNDBid:JVNDB-2019-003424date:2019-05-16T00:00:00
db:CNNVDid:CNNVD-201903-1032date:2019-03-26T00:00:00
db:NVDid:CVE-2019-9974date:2019-04-11T19:29:01.503