CVE-2016-9494

EPSS 0.24%
Veröffentlicht 13.07.2018 20:29:01
Zuletzt bearbeitet 21.11.2024 03:01:19
Quelle cret@cert.org
CVE-Watchlists
Login
Unerledigt
Login

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hughes ≫ Hn7740s Firmware Version6.9.0.34

Hughes ≫ Hn7740s Version-

Hughes ≫ Dw7000 Firmware Version6.9.0.34

Hughes ≫ Dw7000 Version-

Hughes ≫ Hn7000s Firmware Version6.9.0.34

Hughes ≫ Hn7000s Version-

Hughes ≫ Hn7000sm Firmware Version6.9.0.34

Hughes ≫ Hn7000sm Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.24%	0.469

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	3.3	6.5	2.9	AV:A/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.kb.cert.org/vuls/id/614751

Third Party Advisory

US Government Resource

https://www.securityfocus.com/bid/96244

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-9494

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-9494

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-9494

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2016-9494