Details of VAR-201908-2203

ID

VAR-201908-2203

TITLE

Four letter 4G router F7A26 has unauthorized access vulnerability

Trust: 0.6

sources: CNVD: CNVD-2019-23501

DESCRIPTION

Xiamen Sixin Communication Technology Co., Ltd. is the research and development, production, promotion and service of IoT application products and high-end wireless communication transmission equipment in the industrial field. Four letter 4G router F7A26 has an unauthorized access vulnerability. Attackers can use the vulnerability to directly access the IP for management control.

Trust: 0.6

sources: CNVD: CNVD-2019-23501

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-23501

AFFECTED PRODUCTS

vendor:

sixin communication

model:

4g router f7a26

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2019-23501

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2019-23501
value:	LOW
Trust: 0.6

CNVD:	CNVD-2019-23501
severity:	LOW
baseScore:	3.3
vectorString:	AV:A/AC:L/AU:N/C:P/I:N/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2019-23501

PATCH

title:

Four letters F7A26 4G router remote management has unauthorized access vulnerability

url:

https://www.cnvd.org.cn/patchinfo/show/168881

Trust: 0.6

sources: CNVD: CNVD-2019-23501

EXTERNAL IDS

db:

CNVD

id:

CNVD-2019-23501

Trust: 0.6

sources: CNVD: CNVD-2019-23501

SOURCES

db:

CNVD

id:

CNVD-2019-23501

LAST UPDATE DATE

2022-05-04T08:35:36.677000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2019-23501

date:

2019-07-22T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2019-23501

date:

2019-08-26T00:00:00