CVE-2019-3405

EPSS 0.38%
Published 11.01.2021 16:15:14
Last modified 21.11.2024 04:42:02
Source security@360.cn
Teams watchlist Login
Open Login

In the 3.1.3.64296 and lower version of 360F5, the third party can trigger the device to send a deauth frame by constructing and sending a specific illegal 802.11 Null Data Frame, which will cause other wireless terminals connected to disconnect from the wireless, so as to attack the router wireless by DoS. At present, the vulnerability has been effectively handled, and users can fix the vulnerability after updating the firmware version.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

360 ≫ 360f5 Firmware Version <= 3.1.3.64296

360 ≫ 360f5 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.38%	0.563

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

https://security.360.cn/News/news/id/246

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2019-3405

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-3405

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-3405

EUVD