CVE-2019-3405

EPSS 0.38%
Veröffentlicht 11.01.2021 16:15:14
Zuletzt bearbeitet 21.11.2024 04:42:02
Quelle security@360.cn
Teams Watchlist Login
Unerledigt Login

In the 3.1.3.64296 and lower version of 360F5, the third party can trigger the device to send a deauth frame by constructing and sending a specific illegal 802.11 Null Data Frame, which will cause other wireless terminals connected to disconnect from the wireless, so as to attack the router wireless by DoS. At present, the vulnerability has been effectively handled, and users can fix the vulnerability after updating the firmware version.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

360 ≫ 360f5 Firmware Version <= 3.1.3.64296

360 ≫ 360f5 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.38%	0.563

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

https://security.360.cn/News/news/id/246

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-3405

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-3405

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-3405

EUVD