CVE-2009-1807
Published May 28, 2009
Last updated 15 years ago
Overview
- Description
- Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and earlier allows remote attackers to execute arbitrary code by calling the SetAttributeValue method, as exploited in the wild in April and May 2009.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:baofeng:storm:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "562E2843-2197-4945-8141-DC06F55D6F30",
"versionEndIncluding": "3.09.04.17"
},
{
"criteria": "cpe:2.3:a:baofeng:storm:2.7.9_8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F52CD8D-3166-4A06-BB43-B7DEE653FBDB"
},
{
"criteria": "cpe:2.3:a:baofeng:storm:2.7.9_10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD543322-FB0F-45E0-9E93-347425B470BA"
},
{
"criteria": "cpe:2.3:a:baofeng:storm:2.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BF09EE7-F241-4EDE-8266-FD2413C6E1AE"
},
{
"criteria": "cpe:2.3:a:baofeng:storm:2.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93399125-BFCD-4EEC-B187-3E89A8DB82D2"
}
],
"operator": "OR"
}
]
}
]