ID
VAR-201908-0045
CVE
CVE-2019-6113
TITLE
ONKYO TX-NR686 A/V Receiver Path traversal vulnerability in devices
Trust: 0.8
DESCRIPTION
Directory traversal vulnerability on ONKYO TX-NR686 1030-5000-1040-0010 A/V Receiver devices allows remote attackers to read arbitrary files via a .. (dot dot) and %2f to the default URI. ONKYO TX-NR686 A/V Receiver The device contains a path traversal vulnerability.Information may be obtained. ONKYO TX-NR686 1030-5000-1040-0010 A/V Receiver is a home theater equipment produced by ONKYO, Japan. The vulnerability stems from a network system or product that fails to properly filter resources or special elements in file paths. An attacker could exploit this vulnerability to access locations outside of restricted directories
Trust: 1.71
AFFECTED PRODUCTS
| vendor: | onkyo | model: | tx-nr686 | scope: | eq | version: | 1030-5000-1040-0010 | Trust: 1.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-22 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
path traversal
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Top Page | url: | https://www.jp.onkyo.com/ | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2019-6113 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2019-008792 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201908-2237 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-157548 | Trust: 0.1 |
REFERENCES
| url: | https://www.contextis.com/en/resources/advisories/cve-2019-6113 | Trust: 2.5 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-6113 | Trust: 1.4 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6113 | Trust: 0.8 |
SOURCES
| db: | VULHUB | id: | VHN-157548 |
| db: | JVNDB | id: | JVNDB-2019-008792 |
| db: | CNNVD | id: | CNNVD-201908-2237 |
| db: | NVD | id: | CVE-2019-6113 |
LAST UPDATE DATE
2024-11-23T22:58:37.453000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-157548 | date: | 2019-09-04T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-008792 | date: | 2019-09-06T00:00:00 |
| db: | CNNVD | id: | CNNVD-201908-2237 | date: | 2019-09-12T00:00:00 |
| db: | NVD | id: | CVE-2019-6113 | date: | 2024-11-21T04:45:58.267 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-157548 | date: | 2019-08-30T00:00:00 |
| db: | JVNDB | id: | JVNDB-2019-008792 | date: | 2019-09-06T00:00:00 |
| db: | CNNVD | id: | CNNVD-201908-2237 | date: | 2019-08-30T00:00:00 |
| db: | NVD | id: | CVE-2019-6113 | date: | 2019-08-30T09:15:21.427 |