Sign-up

ID

VAR-201912-2011


TITLE

ZLAN network card has a denial of service vulnerability

Trust: 0.6

sources: CNVD: CNVD-2019-43828

DESCRIPTION

ZLAN5103 can realize transparent data forwarding between RS232 / 485/422 and TCP / IP. Conveniently make serial devices connect to Ethernet and Internet, and realize the network upgrade of serial devices. There is a denial of service vulnerability in ZLAN. Sending malformed RST packets to ZLAN5103 TCP 4196 port will cause denial of service on ZLAN5103 TCP 4196 and TCP 80 ports. The device needs to be powered off and restarted to recover. An attacker can use the vulnerability to launch a denial of service attack.

Trust: 0.6

sources: CNVD: CNVD-2019-43828

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2019-43828

AFFECTED PRODUCTS

vendor:zhuolan informationmodel:zlan network cardscope:eqversion:5103

Trust: 0.6

sources: CNVD: CNVD-2019-43828

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2019-43828
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2019-43828
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2019-43828

PATCH

title:ZLAN network card has a denial of service vulnerabilityurl:https://www.cnvd.org.cn/patchinfo/show/189811

Trust: 0.6

sources: CNVD: CNVD-2019-43828

EXTERNAL IDS

db:CNVDid:CNVD-2019-43828

Trust: 0.6

sources: CNVD: CNVD-2019-43828

SOURCES

db:CNVDid:CNVD-2019-43828

LAST UPDATE DATE

2022-05-04T09:09:54.360000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2019-43828date:2019-12-10T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2019-43828date:2019-12-26T00:00:00