CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-9975

HIGH
7.5
CVSS Severity Score
EPSS Score0.0590%
EPSS Percentile13.22th
Published2019年4月11日
Last Modified2024年11月21日

Vulnerability Description

DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key.

Affected Platforms (CPE)

💻
Dasannetworks

H660rm Firmware

= 1.03-0022

References & Advisories

🔗 http://packetstormsecurity.com/files/152232/DASAN-H660RM-Information-Disclosure-Hardcoded-Key.html
🔗 https://blog.burghardt.pl/2019/03/syslog_tool-cgi-on-dasan-h660rm-devices-with-firmware-1-03-0022-uses-a-hard-coded-key-for-logs-encryption/
🔗 https://seclists.org/bugtraq/2019/Mar/41
🔗 http://packetstormsecurity.com/files/152232/DASAN-H660RM-Information-Disclosure-Hardcoded-Key.html
🔗 https://blog.burghardt.pl/2019/03/syslog_tool-cgi-on-dasan-h660rm-devices-with-firmware-1-03-0022-uses-a-hard-coded-key-for-logs-encryption/
🔗 https://seclists.org/bugtraq/2019/Mar/41

相關漏洞威脅

CVE-2019-99749.1

diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check, which allows remote attackers to...

CVE-2019-99768.8

The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allow...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...