Details of VAR-202107-1792

ID

VAR-202107-1792

TITLE

Phicomm router K1 version has weak password vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-40209

DESCRIPTION

Shanghai Phicomm Data Communication Technology Co., Ltd. is a technologically innovative enterprise that provides users with smart products and cloud services in the field of smart homes. Phicomm router K1 version has weak password vulnerability. Attackers can use this vulnerability to log in to the background to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2021-40209

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-40209

AFFECTED PRODUCTS

vendor:

phicomm data communication

model:

router k1

scope:

version:

22.4.2.15

Trust: 0.6

sources: CNVD: CNVD-2021-40209

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-40209
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-40209
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-40209

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-40209

Trust: 0.6

sources: CNVD: CNVD-2021-40209

SOURCES

db:

CNVD

id:

CNVD-2021-40209

LAST UPDATE DATE

2022-05-04T09:21:18.021000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-40209

date:

2021-06-08T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-40209

date:

2021-07-06T00:00:00