CVE-2017-14335

Exploit

EPSS 20.18%
Veröffentlicht 12.09.2017 08:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

On Beijing Hanbang Hanbanggaoke devices, because user-controlled input is not sufficiently sanitized, sending a PUT request to /ISAPI/Security/users/1 allows an admin password change.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hbgk ≫ Hb7024xt Firmware Version-

Hbgk ≫ Hb7024xt Version-

Hbgk ≫ Hb7032xt Firmware Version-

Hbgk ≫ Hb7032xt Version-

Hbgk ≫ Hb7008t2 Firmware Version-

Hbgk ≫ Hb7008t2 Version-

Hbgk ≫ Hb7016t2 Firmware Version-

Hbgk ≫ Hb7016t2 Version-

Hbgk ≫ Hb7204xt Firmware Version-

Hbgk ≫ Hb7204xt Version-

Hbgk ≫ Hb7208xt Firmware Version-

Hbgk ≫ Hb7208xt Version-

Hbgk ≫ Hb7216xt Firmware Version-

Hbgk ≫ Hb7216xt Version-

Hbgk ≫ Hb7208x3 Firmware Version-

Hbgk ≫ Hb7208x3 Version-

Hbgk ≫ Hb7216x3 Firmware Version-

Hbgk ≫ Hb7216x3 Version-

Hbgk ≫ Hb7204x Firmware Version-

Hbgk ≫ Hb7204x Version-

Hbgk ≫ Hb7208x Firmware Version-

Hbgk ≫ Hb7208x Version-

Hbgk ≫ Hb7216x Firmware Version-

Hbgk ≫ Hb7216x Version-

Hbgk ≫ 7204xr Firmware Version-

Hbgk ≫ 7204xr Version-

Hbgk ≫ 7208xr Firmware Version-

Hbgk ≫ 7208xr Version-

Hbgk ≫ 7216xr Firmware Version-

Hbgk ≫ 7216xr Version-

Hbgk ≫ Hb7004k Firmware Version-

Hbgk ≫ Hb7004k Version-

Hbgk ≫ Hb7004kh Firmware Version-

Hbgk ≫ Hb7004kh Version-

Hbgk ≫ Hb7008kc Firmware Version-

Hbgk ≫ Hb7008kc Version-

Hbgk ≫ Hb7008kce Firmware Version-

Hbgk ≫ Hb7008kce Version-

Hbgk ≫ Hb7008kh Firmware Version-

Hbgk ≫ Hb7008kh Version-

Hbgk ≫ Hb7008khe Firmware Version-

Hbgk ≫ Hb7008khe Version-

Hbgk ≫ Hb7204kl Firmware Version-

Hbgk ≫ Hb7204kl Version-

Hbgk ≫ Hb7204kk Firmware Version-

Hbgk ≫ Hb7204kk Version-

Hbgk ≫ Hb7016lc Firmware Version-

Hbgk ≫ Hb7016lc Version-

Hbgk ≫ Hb7016lh Firmware Version-

Hbgk ≫ Hb7016lh Version-

Hbgk ≫ Hb7116x3 Firmware Version-

Hbgk ≫ Hb7116x3 Version-

Hbgk ≫ Hb7108x3 Firmware Version-

Hbgk ≫ Hb7108x3 Version-

Hbgk ≫ Hb8004 Firmware Version-

Hbgk ≫ Hb8004 Version-

Hbgk ≫ Hb8008 Firmware Version-

Hbgk ≫ Hb8008 Version-

Hbgk ≫ Hb8016 Firmware Version-

Hbgk ≫ Hb8016 Version-

Hbgk ≫ Hb8004r Firmware Version-

Hbgk ≫ Hb8004r Version-

Hbgk ≫ Hb8008r Firmware Version-

Hbgk ≫ Hb8008r Version-

Hbgk ≫ Hb8016r Firmware Version-

Hbgk ≫ Hb8016r Version-

Hbgk ≫ Hb8204h Firmware Version-

Hbgk ≫ Hb8204h Version-

Hbgk ≫ Hb8208h Firmware Version-

Hbgk ≫ Hb8208h Version-

Hbgk ≫ Hb8216h Firmware Version-

Hbgk ≫ Hb8216h Version-

Hbgk ≫ Hb8204hr Firmware Version-

Hbgk ≫ Hb8204hr Version-

Hbgk ≫ Hb8208hr Firmware Version-

Hbgk ≫ Hb8208hr Version-

Hbgk ≫ Hb8216hr Firmware Version-

Hbgk ≫ Hb8216hr Version-

Hbgk ≫ Hb8208x3 Firmware Version-

Hbgk ≫ Hb8208x3 Version-

Hbgk ≫ Hb8216x3 Firmware Version-

Hbgk ≫ Hb8216x3 Version-

Hbgk ≫ Hb8608x3 Firmware Version-

Hbgk ≫ Hb8608x3 Version-

Hbgk ≫ Hb8616x3 Firmware Version-

Hbgk ≫ Hb8616x3 Version-

Hbgk ≫ Hb8808x3 Firmware Version-

Hbgk ≫ Hb8808x3 Version-

Hbgk ≫ Hb8816x3 Firmware Version-

Hbgk ≫ Hb8816x3 Version-

Hbgk ≫ Hb9404x3 Firmware Version-

Hbgk ≫ Hb9404x3 Version-

Hbgk ≫ Hb9408x3 Firmware Version-

Hbgk ≫ Hb9408x3 Version-

Hbgk ≫ Hb9604x3 Firmware Version-

Hbgk ≫ Hb9604x3 Version-

Hbgk ≫ Hb9608x3 Firmware Version-

Hbgk ≫ Hb9608x3 Version-

Hbgk ≫ Hb9012x3 Firmware Version-

Hbgk ≫ Hb9012x3 Version-

Hbgk ≫ Hb9020x3 Firmware Version-

Hbgk ≫ Hb9020x3 Version-

Hbgk ≫ Hb9212x3 Firmware Version-

Hbgk ≫ Hb9212x3 Version-

Hbgk ≫ Hb9220x3 Firmware Version-

Hbgk ≫ Hb9220x3 Version-

Hbgk ≫ Hb7904 Firmware Version-

Hbgk ≫ Hb7904 Version-

Hbgk ≫ Hb7908 Firmware Version-

Hbgk ≫ Hb7908 Version-

Hbgk ≫ Hb7916s Firmware Version-

Hbgk ≫ Hb7916s Version-

Hbgk ≫ Hb7904x Firmware Version-

Hbgk ≫ Hb7904x Version-

Hbgk ≫ Hb7908x Firmware Version-

Hbgk ≫ Hb7908x Version-

Hbgk ≫ Hb7916sx Firmware Version-

Hbgk ≫ Hb7916sx Version-

Hbgk ≫ Hb9904 Firmware Version-

Hbgk ≫ Hb9904 Version-

Hbgk ≫ Hb9908 Firmware Version-

Hbgk ≫ Hb9908 Version-

Hbgk ≫ Hb9912 Firmware Version-

Hbgk ≫ Hb9912 Version-

Hbgk ≫ Hb9916 Firmware Version-

Hbgk ≫ Hb9916 Version-

Hbgk ≫ Hb9924 Firmware Version-

Hbgk ≫ Hb9924 Version-

Hbgk ≫ Hb9932 Firmware Version-

Hbgk ≫ Hb9932 Version-

Hbgk ≫ Hb9808n04 Firmware Version-

Hbgk ≫ Hb9808n04 Version-

Hbgk ≫ Hb9816n08 Firmware Version-

Hbgk ≫ Hb9816n08 Version-

Hbgk ≫ Hb9824n16 Firmware Version-

Hbgk ≫ Hb9824n16 Version-

Hbgk ≫ Hb9832n16 Firmware Version-

Hbgk ≫ Hb9832n16 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	20.18%	0.95

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://blogs.securiteam.com/index.php/archives/3420

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2017-14335

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-14335

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-14335

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2017-14335