CVE-2020-24355

{"id": "CVE-2020-24355", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2020-09-02T12:15:10.550", "references": [{"url": "https://blog.somegeneric.ninja/Zyxel_VMG5153_B30B", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://blog.somegeneric.ninja/Zyxel_VMG5153_B30B_part2", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.zyxel.com/support/security_advisories.shtml", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://blog.somegeneric.ninja/Zyxel_VMG5153_B30B", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://blog.somegeneric.ninja/Zyxel_VMG5153_B30B_part2", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.zyxel.com/support/security_advisories.shtml", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-732"}]}], "descriptions": [{"lang": "en", "value": "Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by insecure permissions which allows regular and other users to create new users with elevated privileges. This is done by changing \"FirstIndex\" field in JSON that is POST-ed during account creation. Similar may also be possible with account deletion."}, {"lang": "es", "value": "El enrutador Zyxel VMG5313-B30B en la versi\u00f3n de firmware 5.13 (ABCJ.6) b3_1127, y posiblemente las versiones de firmware anteriores, est\u00e1n afectadas por permisos no seguros que permiten a usuarios regulares y de otro tipo crear nuevos usuarios con privilegios elevados. Esto se hace al cambiar el campo \"FirstIndex\" en JSON que es Publicado durante la creaci\u00f3n de la cuenta. Tambi\u00e9n es posible hacer algo similar con la eliminaci\u00f3n de la cuenta"}], "lastModified": "2024-11-21T05:14:39.337", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:vmg5313-b30b_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA4E65FE-9E1F-4BCB-8324-8410F1B61028", "versionEndIncluding": "5.13\\(abcj.6\\)b3_1127"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:vmg5313-b30b:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E7EA4CE3-B596-42B3-9525-2C48641F3F4A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}