Sign-up

ID

VAR-202001-1971


TITLE

Command execution vulnerability in background of JX-J835-R835R router

Trust: 0.6

sources: CNVD: CNVD-2020-01226

DESCRIPTION

JCG JHR-N835R, with USB shared storage, shared printer and other functions. It still continues the high-power characteristics of the King Kong series, with three external antennas for stronger signals. The power of the machine can be adjusted according to the needs of the three gears. It is the best choice for wireless Internet access in homes and small office areas. JCG JHR-N835R router has a command execution vulnerability in the background. Attackers can use this leak to execute arbitrary malicious commands.

Trust: 0.6

sources: CNVD: CNVD-2020-01226

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-01226

AFFECTED PRODUCTS

vendor:yichenmodel:jhr-n835r routerscope:eqversion:30.1.2.1905

Trust: 0.6

sources: CNVD: CNVD-2020-01226

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2020-01226
value: HIGH

Trust: 0.6

CNVD: CNVD-2020-01226
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2020-01226

PATCH

title:Command execution vulnerability in background of JX-J835-R835R routerurl:https://www.cnvd.org.cn/patchinfo/show/192543

Trust: 0.6

sources: CNVD: CNVD-2020-01226

EXTERNAL IDS

db:CNVDid:CNVD-2020-01226

Trust: 0.6

sources: CNVD: CNVD-2020-01226

SOURCES

db:CNVDid:CNVD-2020-01226

LAST UPDATE DATE

2022-05-04T09:42:36.901000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-01226date:2020-01-17T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-01226date:2020-01-12T00:00:00