Sign-up

ID

VAR-201909-1668


TITLE

Command execution vulnerability exists in sweeping robot of Shenzhen Shanchuan Robot Co., Ltd.

Trust: 0.6

sources: CNVD: CNVD-2019-29876

DESCRIPTION

Shenzhen Shanchuan Robot Co., Ltd. is a high-tech enterprise focusing on the research and development, production and sales of sweeping robots. There is a command execution vulnerability in the sweeping robot of Shenzhen Shanchuan Robot Co., Ltd. An attacker can use this vulnerability to interact with the server to execute commands remotely, posing information leakage and operational security risks.

Trust: 0.6

sources: CNVD: CNVD-2019-29876

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-29876

AFFECTED PRODUCTS

vendor:shanchuan robotmodel: - scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2019-29876

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2019-29876
value: HIGH

Trust: 0.6

CNVD: CNVD-2019-29876
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2019-29876

PATCH

title:Command execution vulnerability exists in sweeping robot of Shenzhen Shanchuan Robot Co., Ltd.url:https://www.cnvd.org.cn/patchinfo/show/174051

Trust: 0.6

sources: CNVD: CNVD-2019-29876

EXTERNAL IDS

db:CNVDid:CNVD-2019-29876

Trust: 0.6

sources: CNVD: CNVD-2019-29876

SOURCES

db:CNVDid:CNVD-2019-29876

LAST UPDATE DATE

2022-05-04T09:03:07.759000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-29876date:2019-09-03T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2019-29876date:2019-09-20T00:00:00