Sign-up

ID

VAR-201905-0827


CVE

CVE-2018-19037


TITLE

Virgin Media wireless router hub Device depletion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-015418

DESCRIPTION

On Virgin Media wireless router 3.0 hub devices, the web interface is vulnerable to denial of service. When POST requests are sent and keep the connection open, the router lags and becomes unusable to anyone currently using the web interface. This vulnerability stems from improper management of system resources (such as memory, disk space, files, etc.) by network systems or products

Trust: 1.71

sources: NVD: CVE-2018-19037 // JVNDB: JVNDB-2018-015418 // VULHUB: VHN-129656

AFFECTED PRODUCTS

vendor:virginmediamodel:hub 3.0scope:eqversion: -

Trust: 1.0

vendor:virgin mediamodel:hub 3.0scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2018-015418 // NVD: CVE-2018-19037

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-19037
value: HIGH

Trust: 1.0

NVD: CVE-2018-19037
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201905-300
value: HIGH

Trust: 0.6

VULHUB: VHN-129656
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-19037
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-129656
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-19037
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-129656 // JVNDB: JVNDB-2018-015418 // CNNVD: CNNVD-201905-300 // NVD: CVE-2018-19037

PROBLEMTYPE DATA

problemtype:CWE-400

Trust: 1.9

sources: VULHUB: VHN-129656 // JVNDB: JVNDB-2018-015418 // NVD: CVE-2018-19037

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201905-300

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201905-300

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-015418

PATCH
title:Hub 3.0url:https://www.virginmedia.com/help/virgin-media-what-do-the-lights-on-your-hub-mean
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2018-015418

EXTERNAL IDS
db:NVDid:CVE-2018-19037
Trust: 2.5
db:EXPLOIT-DBid:45776
Trust: 2.5
db:JVNDBid:JVNDB-2018-015418
Trust: 0.8
db:CNNVDid:CNNVD-201905-300
Trust: 0.7
db:VULHUBid:VHN-129656
Trust: 0.1
sources:
            
            
            VULHUB: VHN-129656 // 
            
            
            
            JVNDB: JVNDB-2018-015418 // 
            
            
            
            CNNVD: CNNVD-201905-300 // 
            
            
            
            NVD: CVE-2018-19037

REFERENCES
url:https://www.exploit-db.com/exploits/45776/
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2018-19037
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19037
Trust: 0.8
url:https://www.exploit-db.com/exploits/45776
Trust: 0.8
sources:
            
            
            VULHUB: VHN-129656 // 
            
            
            
            JVNDB: JVNDB-2018-015418 // 
            
            
            
            CNNVD: CNNVD-201905-300 // 
            
            
            
            NVD: CVE-2018-19037

SOURCES
db:VULHUBid:VHN-129656
db:JVNDBid:JVNDB-2018-015418
db:CNNVDid:CNNVD-201905-300
db:NVDid:CVE-2018-19037

LAST UPDATE DATE
2024-11-23T22:55:32.925000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-129656date:2019-05-14T00:00:00
db:JVNDBid:JVNDB-2018-015418date:2019-06-04T00:00:00
db:CNNVDid:CNNVD-201905-300date:2019-05-28T00:00:00
db:NVDid:CVE-2018-19037date:2024-11-21T03:57:11.940

SOURCES RELEASE DATE
db:VULHUBid:VHN-129656date:2019-05-13T00:00:00
db:JVNDBid:JVNDB-2018-015418date:2019-06-04T00:00:00
db:CNNVDid:CNNVD-201905-300date:2019-05-13T00:00:00
db:NVDid:CVE-2018-19037date:2019-05-13T13:29:02.183