Vulnerability Monitor

CVE-2019-6441


An issue was discovered on Shenzhen Coship RT3050 4.0.0.40, RT3052 4.0.0.48, RT7620 10.0.0.49, WM3300 5.0.0.54, and WM3300 5.0.0.55 devices. The password reset functionality of the router doesn't have backend validation for the current password and doesn't require any type of authentication. By making a POST request to the apply.cgi file of the router, the attacker can change the admin username and password of the router.


Published

2019-03-21T16:01:08.140

Last Modified

2024-11-21T04:46:27.377

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-287

Affected Vendors & Products

| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | coship | rt3050_firmware | 4.0.0.40 | Yes |
| Hardware | coship | rt3050 | - | No |
| Operating System | coship | rt3052_firmware | 4.0.0.48 | Yes |
| Hardware | coship | rt3052 | - | No |
| Operating System | coship | rt7620_firmware | 10.0.0.49 | Yes |
| Hardware | coship | rt7620 | - | No |
| Operating System | coship | wm3300_firmware | 5.0.0.54 | Yes |
| Operating System | coship | wm3300_firmware | 5.0.0.55 | Yes |
| Hardware | coship | wm3300 | - | No |
