CVE-2019-6441

Published Mar 21, 2019

Last updated 4 years ago

CVSS critical 9.8

Overview

Description: An issue was discovered on Shenzhen Coship RT3050 4.0.0.40, RT3052 4.0.0.48, RT7620 10.0.0.49, WM3300 5.0.0.54, and WM3300 5.0.0.55 devices. The password reset functionality of the router doesn't have backend validation for the current password and doesn't require any type of authentication. By making a POST request to the apply.cgi file of the router, the attacker can change the admin username and password of the router.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-287

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:coship:rt3050_firmware:4.0.0.40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B799C788-A237-4A63-B4BB-A76563E52EB7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:coship:rt3050:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5952AB48-DD27-4136-A823-49F04825D244"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:coship:rt3052_firmware:4.0.0.48:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A59AF59-B520-430C-AB30-9614960859A1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:coship:rt3052:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "44DB85CE-36A7-49CC-AC7B-CAA7DB81C8DB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:coship:rt7620_firmware:10.0.0.49:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D12E278D-1E93-4A0B-ACD3-11B2E78F4824"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:coship:rt7620:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BDFF14FA-1FA5-469E-ACE2-C3C985A34CAC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:coship:wm3300_firmware:5.0.0.54:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52450040-F41F-4555-BE1A-69CD9D203185"
          },
          {
            "criteria": "cpe:2.3:o:coship:wm3300_firmware:5.0.0.55:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70246B3F-A337-4595-9966-7FDDA68EB24F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:coship:wm3300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "534C8641-1DB1-4C43-9F01-22746458B46B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References