CVE-2015-9550 - Vulnerability Details

Vendors	Products
Totolink	A850r-v1 A850r-v1 Firmware F1-v2 F1-v2 Firmware F2-v1 F2-v1 Firmware N150rt-v2 N150rt-v2 Firmware N151rt-v2 N151rt-v2 Firmware N300rh-v2 N300rh-v2 Firmware N300rh-v3 N300rh-v3 Firmware N300rt-v2 N300rt-v2 Firmware

Link	Providers
https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-24T21:01:41", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-9550", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html", "refsource": "MISC", "url": "https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T08:51:05.311Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-9550", "datePublished": "2020-11-24T21:01:41", "dateReserved": "2020-11-24T00:00:00", "dateUpdated": "2024-08-06T08:51:05.311Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2020-11-24T21:01:41 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2015-9550 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html (string)

refsource : MISC (string)

url : https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T08:51:05.311Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2015-9550 (string)

datePublished : 2020-11-24T21:01:41 (string)

dateReserved : 2020-11-24T00:00:00 (string)

dateUpdated : 2024-08-06T08:51:05.311Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:totolink:a850r-v1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "29DDFAFC-3538-45B5-AB36-3895F16BD764", "versionEndExcluding": "1.0.1-b20150707.1612", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:totolink:a850r-v1:-:*:*:*:*:*:*:*", "matchCriteriaId": "74953383-D90B-4B54-B02B-617BCF8010E9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:totolink:f1-v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBC80064-797F-487C-99C1-D8F4981D4990", "versionEndExcluding": "2.1.1-b20150708.1646", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:totolink:f1-v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "611785C4-C11E-4F73-BB8B-DFEE66F3FB6A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:totolink:f2-v1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6844CA14-C66E-4E6B-ABC6-1D083EEF9D82", "versionEndExcluding": "2.1.0-b20150320.1611", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:totolink:f2-v1:-:*:*:*:*:*:*:*", "matchCriteriaId": "B693CF6C-A0C7-42DD-AA82-36887087BCED", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:totolink:n150rt-v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "572842ED-48C4-4D90-B107-EF6DBFC19585", "versionEndExcluding": "2.1.1-b20150708.1548", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:totolink:n150rt-v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "0251C2F8-9BCC-4B34-8747-09CA39E6CE7C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:totolink:n151rt-v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7E9FE34-8EBD-47BD-AD90-F07381E0C06A", "versionEndExcluding": "1.1-b20150708.1559", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:totolink:n151rt-v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "00922E42-2177-4214-8A1E-8FEB6BDE2869", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:totolink:n300rh-v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D436BD3-1C39-49CE-BC15-50C890F58931", "versionEndExcluding": "2.0.1-b20150708.1625", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:totolink:n300rh-v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "B0ECED9E-930D-4061-ABB4-CC2DD2346BBC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:totolink:n300rh-v3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BC6C344-01DD-4EB6-B1A3-60B782E81BA4", "versionEndExcluding": "3.0.0-b20150331.0858", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:totolink:n300rh-v3:-:*:*:*:*:*:*:*", "matchCriteriaId": "058F675A-3C67-4B73-808C-8C65D7D65C12", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:totolink:n300rt-v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "74971352-B072-4A9A-B07E-4E92F35C716A", "versionEndExcluding": "2.1.1-b20150708.1613", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:totolink:n300rt-v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4637323A-10A8-4841-BC49-3EF2894C5F86", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface."}, {"lang": "es", "value": "Se detect\u00f3 un problema en los dispositivos TOTOLINK A850R-V1 versiones hasta 1.0.1-B20150707.1612 y F1-V2 versiones hasta 1.1-B20150708.1646.&#xa0;Mediante el env\u00edo de un paquete hel,xasf espec\u00edfico hacia la interfaz WAN, es posible abrir la interfaz de administraci\u00f3n web sobre la interfaz WAN"}], "id": "CVE-2015-9550", "lastModified": "2024-11-21T02:40:54.460", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-24T21:15:11.353", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-668"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:totolink:a850r-v1_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 29DDFAFC-3538-45B5-AB36-3895F16BD764 (string)

versionEndExcluding : 1.0.1-b20150707.1612 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:totolink:a850r-v1:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 74953383-D90B-4B54-B02B-617BCF8010E9 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:totolink:f1-v2_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FBC80064-797F-487C-99C1-D8F4981D4990 (string)

versionEndExcluding : 2.1.1-b20150708.1646 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:totolink:f1-v2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 611785C4-C11E-4F73-BB8B-DFEE66F3FB6A (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:totolink:f2-v1_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6844CA14-C66E-4E6B-ABC6-1D083EEF9D82 (string)

versionEndExcluding : 2.1.0-b20150320.1611 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:totolink:f2-v1:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B693CF6C-A0C7-42DD-AA82-36887087BCED (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:totolink:n150rt-v2_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 572842ED-48C4-4D90-B107-EF6DBFC19585 (string)

versionEndExcluding : 2.1.1-b20150708.1548 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:totolink:n150rt-v2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 0251C2F8-9BCC-4B34-8747-09CA39E6CE7C (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:totolink:n151rt-v2_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F7E9FE34-8EBD-47BD-AD90-F07381E0C06A (string)

versionEndExcluding : 1.1-b20150708.1559 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:totolink:n151rt-v2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 00922E42-2177-4214-8A1E-8FEB6BDE2869 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

5 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:totolink:n300rh-v2_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 1D436BD3-1C39-49CE-BC15-50C890F58931 (string)

versionEndExcluding : 2.0.1-b20150708.1625 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:totolink:n300rh-v2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B0ECED9E-930D-4061-ABB4-CC2DD2346BBC (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

6 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:totolink:n300rh-v3_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3BC6C344-01DD-4EB6-B1A3-60B782E81BA4 (string)

versionEndExcluding : 3.0.0-b20150331.0858 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:totolink:n300rh-v3:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 058F675A-3C67-4B73-808C-8C65D7D65C12 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

7 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:totolink:n300rt-v2_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 74971352-B072-4A9A-B07E-4E92F35C716A (string)

versionEndExcluding : 2.1.1-b20150708.1613 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:totolink:n300rt-v2:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 4637323A-10A8-4841-BC49-3EF2894C5F86 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface. (string)

}

1 : { »

lang : es (string)

value : Se detectó un problema en los dispositivos TOTOLINK A850R-V1 versiones hasta 1.0.1-B20150707.1612 y F1-V2 versiones hasta 1.1-B20150708.1646. Mediante el envío de un paquete hel,xasf específico hacia la interfaz WAN, es posible abrir la interfaz de administración web sobre la interfaz WAN (string)

}

]

id : CVE-2015-9550 (string)

lastModified : 2024-11-21T02:40:54.460 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2020-11-24T21:15:11.353 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Exploit (string)

1 : Third Party Advisory (string)

]

url : https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Third Party Advisory (string)

]

url : https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-668 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object