CVE-2015-7787 - Vulnerability Details

Vendors	Products
Asus	Wl-330nul Wl-330nul Firmware

Link	Providers
http://jvn.jp/en/jp/JVN69462495/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192
http://www.asus.com/jp/News/FX04LE8HN0qBoqFI

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-12-09T00:00:00", "descriptions": [{"lang": "en", "value": "ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-12-30T04:57:01", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"name": "JVN#69462495", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN69462495/index.html"}, {"name": "JVNDB-2015-000192", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.asus.com/jp/News/FX04LE8HN0qBoqFI"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2015-7787", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "JVN#69462495", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN69462495/index.html"}, {"name": "JVNDB-2015-000192", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192"}, {"name": "http://www.asus.com/jp/News/FX04LE8HN0qBoqFI", "refsource": "CONFIRM", "url": "http://www.asus.com/jp/News/FX04LE8HN0qBoqFI"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:58:59.987Z"}, "title": "CVE Program Container", "references": [{"name": "JVN#69462495", "tags": ["third-party-advisory", "x_refsource_JVN", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN69462495/index.html"}, {"name": "JVNDB-2015-000192", "tags": ["third-party-advisory", "x_refsource_JVNDB", "x_transferred"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.asus.com/jp/News/FX04LE8HN0qBoqFI"}]}]}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2015-7787", "datePublished": "2015-12-30T02:00:00", "dateReserved": "2015-10-09T00:00:00", "dateUpdated": "2024-08-06T07:58:59.987Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2015-12-09T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2015-12-30T04:57:01 (string)

orgId : ede6fdc4-6654-4307-a26d-3331c018e2ce (string)

shortName : jpcert (string)

}

references : [ »

0 : { »

name : JVN#69462495 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_JVN (string)

]

url : http://jvn.jp/en/jp/JVN69462495/index.html (string)

}

1 : { »

name : JVNDB-2015-000192 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_JVNDB (string)

]

url : http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.asus.com/jp/News/FX04LE8HN0qBoqFI (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : vultures@jpcert.or.jp (string)

ID : CVE-2015-7787 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : JVN#69462495 (string)

refsource : JVN (string)

url : http://jvn.jp/en/jp/JVN69462495/index.html (string)

}

1 : { »

name : JVNDB-2015-000192 (string)

refsource : JVNDB (string)

url : http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192 (string)

}

2 : { »

name : http://www.asus.com/jp/News/FX04LE8HN0qBoqFI (string)

refsource : CONFIRM (string)

url : http://www.asus.com/jp/News/FX04LE8HN0qBoqFI (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T07:58:59.987Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : JVN#69462495 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_JVN (string)

2 : x_transferred (string)

]

url : http://jvn.jp/en/jp/JVN69462495/index.html (string)

}

1 : { »

name : JVNDB-2015-000192 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_JVNDB (string)

2 : x_transferred (string)

]

url : http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.asus.com/jp/News/FX04LE8HN0qBoqFI (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : ede6fdc4-6654-4307-a26d-3331c018e2ce (string)

assignerShortName : jpcert (string)

cveId : CVE-2015-7787 (string)

datePublished : 2015-12-30T02:00:00 (string)

dateReserved : 2015-10-09T00:00:00 (string)

dateUpdated : 2024-08-06T07:58:59.987Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:wl-330nul_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D0C9125-E338-4BAA-9CD9-524E5064501A", "versionEndIncluding": "3.0.0.41", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:wl-330nul:*:*:*:*:*:*:*:*", "matchCriteriaId": "BE0B137A-6A2A-4CB2-8EEB-8C31FF31C715", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors."}, {"lang": "es", "value": "Dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permiten a atacantes remotos descubrir la frase de contrase\u00f1a WPA2-PSK a trav\u00e9s de vectores no especificados."}], "id": "CVE-2015-7787", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2015-12-30T05:59:07.910", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "http://jvn.jp/en/jp/JVN69462495/index.html"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192"}, {"source": "vultures@jpcert.or.jp", "tags": ["Vendor Advisory"], "url": "http://www.asus.com/jp/News/FX04LE8HN0qBoqFI"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://jvn.jp/en/jp/JVN69462495/index.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.asus.com/jp/News/FX04LE8HN0qBoqFI"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:asus:wl-330nul_firmware:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4D0C9125-E338-4BAA-9CD9-524E5064501A (string)

versionEndIncluding : 3.0.0.41 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:asus:wl-330nul:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BE0B137A-6A2A-4CB2-8EEB-8C31FF31C715 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors. (string)

}

1 : { »

lang : es (string)

value : Dispositivos ASUS Japan WL-330NUL con firmware anterior a 3.0.0.42 permiten a atacantes remotos descubrir la frase de contraseña WPA2-PSK a través de vectores no especificados. (string)

}

]

id : CVE-2015-7787 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : LOW (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : ADJACENT_NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 3.3 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:A/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 6.5 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : ADJACENT_NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 4.3 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : LOW (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N (string)

version : 3.0 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 1.4 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2015-12-30T05:59:07.910 (string)

references : [ »

0 : { »

source : vultures@jpcert.or.jp (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://jvn.jp/en/jp/JVN69462495/index.html (string)

}

1 : { »

source : vultures@jpcert.or.jp (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192 (string)

}

2 : { »

source : vultures@jpcert.or.jp (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.asus.com/jp/News/FX04LE8HN0qBoqFI (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://jvn.jp/en/jp/JVN69462495/index.html (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.asus.com/jp/News/FX04LE8HN0qBoqFI (string)

}

]

sourceIdentifier : vultures@jpcert.or.jp (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-200 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object