Details of VAR-202107-1689

ID

VAR-202107-1689

TITLE

Bihaiwei L7 cloud router wireless operation version has a command execution vulnerability (CNVD-2021-41531)

Trust: 0.6

sources: CNVD: CNVD-2021-41531

DESCRIPTION

Bihaiwei L7 Cloud Road Wireless Operation Edition is a dedicated network equipment customized for commercial wireless managers such as hotels, resorts, shopping malls and stations. The device has multiple functions such as routing, firewall, flow control, wireless AC controller, and WeChat authentication. Bihaiwei L7 cloud router wireless operation version has command execution vulnerabilities. Attackers can use this vulnerability to execute arbitrary system commands on the device and obtain device permissions.

Trust: 0.6

sources: CNVD: CNVD-2021-41531

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-41531

AFFECTED PRODUCTS

vendor:

bihaiwei

model:

l7 cloud router wireless operation edition

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2021-41531

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-41531
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2021-41531
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-41531

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-41531

Trust: 0.6

sources: CNVD: CNVD-2021-41531

SOURCES

db:

CNVD

id:

CNVD-2021-41531

LAST UPDATE DATE

2022-05-04T09:08:30.178000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-41531

date:

2021-06-15T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-41531

date:

2021-07-14T00:00:00