CVE-2017-6558

{"id": "CVE-2017-6558", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": true, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2017-03-09T09:59:00.363", "references": [{"url": "http://www.securityfocus.com/bid/96822", "source": "cve@mitre.org"}, {"url": "https://www.youtube.com/watch?v=8GZg1IuSfCs", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/96822", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.youtube.com/watch?v=8GZg1IuSfCs", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an authentication bypass vulnerability that allows remote attackers to view and modify administrative router settings by reading the HTML source code of the password.cgi file."}, {"lang": "es", "value": "Dispositivos iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n son propensos a una vulnerabilidad de elusi\u00f3n de autenticaci\u00f3n que permite a atacantes remotos ver y modificar la configuraci\u00f3n administrativa del router leyendo el c\u00f3digo fuente HTML del archivo password.cgi."}], "lastModified": "2024-11-21T03:30:01.730", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:iball:ib-wra150n_firmware:1.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AAD4C77-CAA7-4B35-AE3E-F41895D1B5A8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:iball:ib-wra150n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2C9AEFCD-95EC-4A36-B1F3-F5D91761F477"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}