Details of VAR-202107-1710

ID

VAR-202107-1710

TITLE

Any file download vulnerability exists in the multi-service security gateway of Shanghai Huayi Technology Group Co., Ltd.

Trust: 0.6

sources: CNVD: CNVD-2021-45914

DESCRIPTION

Shanghai Huayi Technology Group Co., Ltd. is a company mainly engaged in the research and development, manufacturing of test benches in the field of automotive powertrain and the provision of related technical services. An arbitrary file download vulnerability exists in the multi-service security gateway of Shanghai Huayi Technology Group Co., Ltd., which can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-45914

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-45914

AFFECTED PRODUCTS

vendor:

huayi group

model:

multi-service security gateway

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2021-45914

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-45914
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-45914
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-45914

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-45914

Trust: 0.6

sources: CNVD: CNVD-2021-45914

SOURCES

db:

CNVD

id:

CNVD-2021-45914

LAST UPDATE DATE

2022-05-04T09:08:30.167000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-45914

date:

2021-06-30T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-45914

date:

2021-07-31T00:00:00