From ec58f83a13c197f9006c6aea63290bbb703d742c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 20 Jun 2022 17:58:28 +0000 Subject: [PATCH] Auto Generated CVE annotations [Mon Jun 20 17:58:28 UTC 2022] :robot: --- cves/2016/CVE-2016-10924.yaml | 1 + cves/2018/CVE-2018-0296.yaml | 2 +- cves/2018/CVE-2018-10093.yaml | 4 +++- cves/2018/CVE-2018-10822.yaml | 1 + cves/2018/CVE-2018-10823.yaml | 4 +++- cves/2018/CVE-2018-19753.yaml | 2 ++ cves/2018/CVE-2018-9118.yaml | 4 ++-- cves/2019/CVE-2019-0193.yaml | 4 ++-- cves/2019/CVE-2019-12276.yaml | 4 ++-- cves/2019/CVE-2019-1653.yaml | 4 ++-- cves/2019/CVE-2019-19824.yaml | 1 + cves/2019/CVE-2019-20224.yaml | 2 +- 12 files changed, 21 insertions(+), 12 deletions(-) diff --git a/cves/2016/CVE-2016-10924.yaml b/cves/2016/CVE-2016-10924.yaml index 3c6b65b1bb..bd985936f8 100644 --- a/cves/2016/CVE-2016-10924.yaml +++ b/cves/2016/CVE-2016-10924.yaml @@ -10,6 +10,7 @@ info: - https://wpscan.com/vulnerability/13d5d17a-00a8-441e-bda1-2fd2b4158a6c - https://www.exploit-db.com/exploits/39575 - https://nvd.nist.gov/vuln/detail/CVE-2016-10924 + - https://wordpress.org/plugins/ebook-download/#developers classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 diff --git a/cves/2018/CVE-2018-0296.yaml b/cves/2018/CVE-2018-0296.yaml index 471f68933d..dd87d0eaf3 100644 --- a/cves/2018/CVE-2018-0296.yaml +++ b/cves/2018/CVE-2018-0296.yaml 
@@ -5,7 +5,7 @@ info: author: organiccrap severity: high description: | - Cisco Adaptive Security Appliances (ASA) web interfaces could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029. + Cisco Adaptive Security Appliances (ASA) web interfaces could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. 
An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029. reference: - https://github.com/yassineaboukir/CVE-2018-0296 - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-asaftd diff --git a/cves/2018/CVE-2018-10093.yaml b/cves/2018/CVE-2018-10093.yaml index bd75404737..757224c464 100644 --- a/cves/2018/CVE-2018-10093.yaml +++ b/cves/2018/CVE-2018-10093.yaml @@ -5,10 +5,12 @@ info: author: wisnupramoedya severity: high description: | - AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow remote code execution. + AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow remote code execution. reference: - https://www.exploit-db.com/exploits/46164 - https://nvd.nist.gov/vuln/detail/CVE-2018-10093 + - https://www.exploit-db.com/exploits/46164/ + - http://seclists.org/fulldisclosure/2019/Jan/38 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 diff --git a/cves/2018/CVE-2018-10822.yaml b/cves/2018/CVE-2018-10822.yaml index c11db45b59..64b8bf0b32 100644 --- a/cves/2018/CVE-2018-10822.yaml +++ b/cves/2018/CVE-2018-10822.yaml 
@@ -9,6 +9,7 @@ info: - https://www.exploit-db.com/exploits/45678 - http://sploit.tech/2018/10/12/D-Link.html - https://nvd.nist.gov/vuln/detail/CVE-2018-10822 + - https://seclists.org/fulldisclosure/2018/Oct/36 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 diff --git a/cves/2018/CVE-2018-10823.yaml b/cves/2018/CVE-2018-10823.yaml index 1d241ebb9e..f9dca9457d 100644 --- a/cves/2018/CVE-2018-10823.yaml +++ b/cves/2018/CVE-2018-10823.yaml @@ -5,10 +5,12 @@ info: author: wisnupramoedya severity: high description: | - D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 device may allow an authenticated attacker to execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for full control over the device internals. + D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 device may allow an authenticated attacker to execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for full control over the device internals. reference: - https://www.exploit-db.com/exploits/45676 - https://nvd.nist.gov/vuln/detail/CVE-2018-10823 + - https://seclists.org/fulldisclosure/2018/Oct/36 + - http://sploit.tech/2018/10/12/D-Link.html classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 diff --git a/cves/2018/CVE-2018-19753.yaml b/cves/2018/CVE-2018-19753.yaml index 53f8daa017..2ca7cc5592 100644 --- a/cves/2018/CVE-2018-19753.yaml +++ b/cves/2018/CVE-2018-19753.yaml 
@@ -9,6 +9,8 @@ info: reference: - https://packetstormsecurity.com/files/150541/Tarantella-Enterprise-Directory-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2018-19753 + - http://seclists.org/fulldisclosure/2018/Nov/66 + - http://packetstormsecurity.com/files/150541/Tarantella-Enterprise-Directory-Traversal.html classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 diff --git a/cves/2018/CVE-2018-9118.yaml b/cves/2018/CVE-2018-9118.yaml index 5c803dd7b4..a56feb3899 100644 --- a/cves/2018/CVE-2018-9118.yaml +++ b/cves/2018/CVE-2018-9118.yaml @@ -6,13 +6,13 @@ info: severity: high description: | WordPress 99 Robots WP Background Takeover Advertisements 4.1.4 is susceptible to local file inclusion via exports/download.php. - remediation: | - Upgrade to 4.1.15. reference: - https://www.exploit-db.com/exploits/44417 - https://wpvulndb.com/vulnerabilities/9056 - https://99robots.com/docs/wp-background-takeover-advertisements/ - https://nvd.nist.gov/vuln/detail/CVE-2018-9118 + remediation: | + Upgrade to 4.1.15. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 diff --git a/cves/2019/CVE-2019-0193.yaml b/cves/2019/CVE-2019-0193.yaml index a9fb787315..216a1fae14 100644 --- a/cves/2019/CVE-2019-0193.yaml +++ b/cves/2019/CVE-2019-0193.yaml 
@@ -6,13 +6,13 @@ info: severity: high description: | Apache Solr is vulnerable to remote code execution vulnerabilities via the DataImportHandler, an optional but popular module to pull in data from databases and other sources. The module has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. - remediation: | - Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true. reference: - https://github.com/vulhub/vulhub/tree/master/solr/CVE-2019-0193 - https://paper.seebug.org/1009/ - https://issues.apache.org/jira/browse/SOLR-13669 - https://nvd.nist.gov/vuln/detail/CVE-2019-0193 + remediation: | + Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 diff --git a/cves/2019/CVE-2019-12276.yaml b/cves/2019/CVE-2019-12276.yaml index 1ad524296e..1c4b8d9756 100644 --- a/cves/2019/CVE-2019-12276.yaml +++ b/cves/2019/CVE-2019-12276.yaml 
@@ -6,13 +6,13 @@ info: severity: high description: | GrandNode 4.40 is susceptible to local file inclusion in Controllers/LetsEncryptController.cs, which allows remote unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests. - remediation: | - A patch for this issue was made on 2019-05-30 in GrandNode 4.40. reference: - https://security401.com/grandnode-path-traversal/ - https://grandnode.com - https://github.com/grandnode/grandnode - https://nvd.nist.gov/vuln/detail/CVE-2019-12276 + remediation: | + A patch for this issue was made on 2019-05-30 in GrandNode 4.40. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 diff --git a/cves/2019/CVE-2019-1653.yaml b/cves/2019/CVE-2019-1653.yaml index 60540b05b0..57328c2fb6 100644 --- a/cves/2019/CVE-2019-1653.yaml +++ b/cves/2019/CVE-2019-1653.yaml @@ -6,13 +6,13 @@ info: severity: high description: | Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated remote attacker to retrieve sensitive information due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. - remediation: | - Cisco has released firmware updates that address this vulnerability. reference: - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info - https://www.exploit-db.com/exploits/46262/ - https://www.exploit-db.com/exploits/46655/ - https://nvd.nist.gov/vuln/detail/CVE-2019-1653 + remediation: | + Cisco has released firmware updates that address this vulnerability. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 
diff --git a/cves/2019/CVE-2019-19824.yaml b/cves/2019/CVE-2019-19824.yaml index 863d34cc44..fd13474731 100644 --- a/cves/2019/CVE-2019-19824.yaml +++ b/cves/2019/CVE-2019-19824.yaml @@ -10,6 +10,7 @@ info: - https://sploit.tech/2019/12/16/Realtek-TOTOLINK.html - https://cybersecurity.att.com/blogs/labs-research/att-alien-labs-finds-new-golang-malwarebotenago-targeting-millions-of-routers-and-iot-devices-with-more-than-30-exploits - https://nvd.nist.gov/vuln/detail/CVE-2019-19824 + - https://sploit.tech classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 diff --git a/cves/2019/CVE-2019-20224.yaml b/cves/2019/CVE-2019-20224.yaml index 8f78efddad..1564fd5f33 100644 --- a/cves/2019/CVE-2019-20224.yaml +++ b/cves/2019/CVE-2019-20224.yaml @@ -11,12 +11,12 @@ info: - https://gist.github.com/mhaskar/2153d66a0928492d76b799ba13b9e3f9 - https://nvd.nist.gov/vuln/detail/CVE-2019-20224 - https://drive.google.com/file/d/1DkWR5MylzeNr20jmHXTaAIJmf3YN-lnO/view + remediation: This issue has been fixed in Pandora FMS 7.0 NG 742. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2019-20224 cwe-id: CWE-78 - remediation: This issue has been fixed in Pandora FMS 7.0 NG 742. tags: pandorafms,rce,cve,cve2019,authenticated,oast requests:
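Review bot: In cves/2018/CVE-2018-0296.yaml the removed and added `description` lines read the same word for word, so the only difference must be whitespace that is not visible in the diff. If the generator is just normalizing indentation or trailing spaces, it would be cleaner to skip the rewrite when the text is unchanged, or to say in the commit message that descriptions were whitespace-normalized, so reviewers do not have to compare a multi-hundred-word line by eye.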
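Review bot: In cves/2018/CVE-2018-10093.yaml the added reference `https://www.exploit-db.com/exploits/46164/` duplicates the existing `https://www.exploit-db.com/exploits/46164` entry, differing only by the trailing slash. Suggest normalizing URLs (strip trailing slash) before de-duplicating in the annotation job and dropping this line. The other added reference uses `http://seclists.org/...` while the seclists link added to CVE-2018-10822.yaml in this same patch uses `https://`; one scheme should be used consistently.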
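Review bot: In cves/2018/CVE-2018-19753.yaml the added `http://packetstormsecurity.com/files/150541/Tarantella-Enterprise-Directory-Traversal.html` is the same document as the `https://` reference two lines above it, so the list now carries the link twice and one copy is plaintext HTTP. Suggest comparing references with the scheme normalized and keeping only the existing `https://` entry.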
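Review bot: In cves/2019/CVE-2019-12276.yaml the relocated `remediation` text says the patch "was made on 2019-05-30 in GrandNode 4.40", while the `description` in the same hunk names GrandNode 4.40 as the susceptible version. Since the block is being touched anyway, it is worth rewording it so a reader can tell which build is safe, for example by pointing at 4.40 builds dated on or after 2019-05-30, if that is what the upstream advisory says.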
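Review bot: In cves/2019/CVE-2019-19824.yaml the added reference `https://sploit.tech` is the bare site root, and the specific write-up `https://sploit.tech/2019/12/16/Realtek-TOTOLINK.html` is already the first entry in the list. The root URL adds no information about this CVE; suggest dropping it and having the generator skip references that are only the host of an existing reference.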
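Review bot: In cves/2019/CVE-2019-20224.yaml the moved `remediation` is written as a single-line plain scalar (`remediation: This issue has been fixed in Pandora FMS 7.0 NG 742.`), whereas every other template in this patch uses the block form `remediation: |` with the text on the next line. Since the job is already rewriting the key's position, it should emit the same block style here so the templates stay uniform and later automated edits do not produce style-only diffs.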