CVE-2014-6436 - Vulnerability Details - OpenCVE

Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Aztech	Adsl Dsl5018en \(1t1r\) Adsl Dsl5018en \(1t1r\) Firmware Dsl705e Dsl705e Firmware Dsl705eu Dsl705eu Firmware

Configuration 1 [-]

AND

cpe:2.3:o:aztech:adsl_dsl5018en_\(1t1r\)_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:aztech:adsl_dsl5018en_\(1t1r\):-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:aztech:dsl705e_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:aztech:dsl705e:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:aztech:dsl705eu_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:aztech:dsl705eu:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://packetstormsecurity.com/files/128254/Aztech-DSL5018EN-DSL705E-DSL705EU-DoS-Broken-Session-Management.html
http://www.securityfocus.com/archive/1/533489/100/0/threaded
http://www.securityfocus.com/bid/69811

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-01-12T17:00:00.000Z

Updated: 2024-08-06T12:17:24.334Z

Reserved: 2014-09-16T00:00:00.000Z

Link: CVE-2014-6436

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-01-12T17:29:00.350

Modified: 2024-11-21T02:14:22.870

Link: CVE-2014-6436

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-09-14T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "69811", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/69811"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/128254/Aztech-DSL5018EN-DSL705E-DSL705EU-DoS-Broken-Session-Management.html"}, {"name": "20140919 Re: Multiple Vulnerabilities with Aztech Modem Routers", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/533489/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-6436", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "69811", "refsource": "BID", "url": "http://www.securityfocus.com/bid/69811"}, {"name": "http://packetstormsecurity.com/files/128254/Aztech-DSL5018EN-DSL705E-DSL705EU-DoS-Broken-Session-Management.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/128254/Aztech-DSL5018EN-DSL705E-DSL705EU-DoS-Broken-Session-Management.html"}, {"name": "20140919 Re: Multiple Vulnerabilities with Aztech Modem Routers", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/533489/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T12:17:24.334Z"}, "title": "CVE Program Container", "references": [{"name": "69811", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/69811"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/128254/Aztech-DSL5018EN-DSL705E-DSL705EU-DoS-Broken-Session-Management.html"}, {"name": "20140919 Re: Multiple Vulnerabilities with Aztech Modem Routers", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/533489/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-6436", "datePublished": "2018-01-12T17:00:00.000Z", "dateReserved": "2014-09-16T00:00:00.000Z", "dateUpdated": "2024-08-06T12:17:24.334Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aztech:adsl_dsl5018en_\\(1t1r\\)_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D7EAEBDA-7647-468C-B74E-0E5BFC9926DB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aztech:adsl_dsl5018en_\\(1t1r\\):-:*:*:*:*:*:*:*", "matchCriteriaId": "D6DE6B23-0A44-4606-861D-B00123FDEC46", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aztech:dsl705e_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6F0E1517-E45F-4BC6-9CE3-3458F3B321F5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aztech:dsl705e:-:*:*:*:*:*:*:*", "matchCriteriaId": "EEE2578A-F0E4-43E2-A152-1CB50C10436E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aztech:dsl705eu_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0AB9E6C8-5E62-4829-87C3-9750824CF657", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aztech:dsl705eu:-:*:*:*:*:*:*:*", "matchCriteriaId": "7DDF7317-E11C-4B84-9D9A-1AFA70347305", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login."}, {"lang": "es", "value": "Los dispositivos Aztech ADSL DSL5018EN (1T1R), DSL705E y DSL705EU gestionan las sesiones de forma indebida, lo que permite que atacantes remotos omitan la autenticaci\u00f3n en circunstancias oportunistas y ejecuten comandos arbitrarios con privilegios de administrador aprovechando un inicio de sesi\u00f3n ya existente en el portal web."}], "id": "CVE-2014-6436", "lastModified": "2024-11-21T02:14:22.870", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-01-12T17:29:00.350", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/128254/Aztech-DSL5018EN-DSL705E-DSL705EU-DoS-Broken-Session-Management.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/533489/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/69811"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/128254/Aztech-DSL5018EN-DSL705E-DSL705EU-DoS-Broken-Session-Management.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/533489/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/69811"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}