Details of VAR-202106-2083

ID

VAR-202106-2083

TITLE

Phicomm router K2P has arbitrary file reading vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-32783

DESCRIPTION

Phicomm Data Communication Technology Co., Ltd. was established in 2009. It is a technologically innovative enterprise that provides users with smart products and cloud services in the field of smart homes. Smart Life is a strategic section of Phicomm’s Internet. It uses smart network equipment, smart hardware, APP and Internet communication. The channel is the carrier of operation. Phicomm router K2P has an arbitrary file reading vulnerability, which can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-32783

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-32783

AFFECTED PRODUCTS

vendor:

phicomm data communication

model:

router k2p

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2021-32783

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-32783
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-32783
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-32783

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-32783

Trust: 0.6

sources: CNVD: CNVD-2021-32783

SOURCES

db:

CNVD

id:

CNVD-2021-32783

LAST UPDATE DATE

2022-05-04T08:52:04.679000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-32783

date:

2021-05-07T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-32783

date:

2021-06-03T00:00:00