Details of VAR-202101-1982

ID

VAR-202101-1982

TITLE

Watson Aotian HAN series smart wireless AP devices have unauthorized access vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2020-73269

DESCRIPTION

Beijing Huaxin Aotian Network Technology Co., Ltd. was registered and established in Haidian Branch on October 13, 2015. The company's business scope includes technology development, technology promotion, technology transfer, technology consulting, technology services, etc. Huaxin Aotian HAN series smart wireless AP devices have an unauthorized access vulnerability. Attackers can use this vulnerability to connect to the MQTT server anonymously and subscribe to arbitrary messages, causing information leakage.

Trust: 0.6

sources: CNVD: CNVD-2020-73269

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-73269

AFFECTED PRODUCTS

vendor:

huaxin aotian network

model:

han series smart wireless ap equipment

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2020-73269

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2020-73269
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2020-73269
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2020-73269

EXTERNAL IDS

db:

CNVD

id:

CNVD-2020-73269

Trust: 0.6

sources: CNVD: CNVD-2020-73269

SOURCES

db:

CNVD

id:

CNVD-2020-73269

LAST UPDATE DATE

2022-05-04T10:03:17.602000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2020-73269

date:

2020-12-22T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2020-73269

date:

2021-01-22T00:00:00