{"containers": {"cna": {"affected": [{"product": "HN7740S", "vendor": "Hughes Satellite Modem", "versions": [{"status": "unknown", "version": "N/A"}]}, {"product": "DW7000", "vendor": "Hughes Satellite Modem", "versions": [{"status": "unknown", "version": "N/A"}]}, {"product": "HN7000S/SM", "vendor": "Hughes Satellite Modem", "versions": [{"status": "unknown", "version": "N/A"}]}], "datePublic": "2017-02-15T00:00:00", "descriptions": [{"lang": "en", "value": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-07-13T19:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "96244", "tags": ["vdb-entry", "x_refsource_BID"], "url": "https://www.securityfocus.com/bid/96244"}, {"name": "VU#614751", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "https://www.kb.cert.org/vuls/id/614751"}], "source": {"discovery": "UNKNOWN"}, "title": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation, potentially leading to denial of service", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2016-9494", "STATE": "PUBLIC", "TITLE": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation, potentially leading to denial of service"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "HN7740S", "version": {"version_data": [{"affected": "?", "version_affected": "?", "version_value": "N/A"}]}}, {"product_name": "DW7000", "version": {"version_data": [{"affected": "?", "version_affected": "?", "version_value": "N/A"}]}}, {"product_name": "HN7000S/SM", "version": {"version_data": [{"affected": "?", "version_affected": "?", "version_value": "N/A"}]}}]}, "vendor_name": "Hughes Satellite Modem"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "96244", "refsource": "BID", "url": "https://www.securityfocus.com/bid/96244"}, {"name": "VU#614751", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/614751"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T02:50:38.659Z"}, "title": "CVE Program Container", "references": [{"name": "96244", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "https://www.securityfocus.com/bid/96244"}, {"name": "VU#614751", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "https://www.kb.cert.org/vuls/id/614751"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-9494", "datePublished": "2018-07-13T20:00:00", "dateReserved": "2016-11-21T00:00:00", "dateUpdated": "2024-08-06T02:50:38.659Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hughes:hn7740s_firmware:6.9.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "E9029731-A889-43E7-BBC0-38E982690D57", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hughes:hn7740s:-:*:*:*:*:*:*:*", "matchCriteriaId": "BF1B8214-EE17-49B6-8084-D9195F989961", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hughes:dw7000_firmware:6.9.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "A98920BD-1929-419A-961A-CA0F09187693", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hughes:dw7000:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A154763-BFF7-4541-9036-34B85BA18479", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hughes:hn7000s_firmware:6.9.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "27F4528C-7D87-4B5A-A330-A09F555AE36D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hughes:hn7000s:-:*:*:*:*:*:*:*", "matchCriteriaId": "91470E55-2227-489A-BEB5-86C151F32344", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hughes:hn7000sm_firmware:6.9.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "BA234B78-E832-4493-BFCD-AECEAC3CCA02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:hughes:hn7000sm:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AAB1D14-3EA2-46C7-9010-87750F19DF24", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service."}, {"lang": "es", "value": "Los m\u00f3dems por sat\u00e9lite de alto rendimiento de banda ancha de Hughes, en sus modelos HN7740S DW7000 HN7000S/SM, son potencialmente vulnerables a una validaci\u00f3n de entradas incorrecta. La p\u00e1gina web de estado avanzada del dispositivo que est\u00e1 enlazada desde la p\u00e1gina web de estado b\u00e1sica no parece analizar correctamente las peticiones GET mal formadas. Esto podr\u00eda conducir a una denegaci\u00f3n de servicio."}], "id": "CVE-2016-9494", "lastModified": "2024-11-21T03:01:19.513", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-07-13T20:29:01.737", "references": [{"source": "cret@cert.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.kb.cert.org/vuls/id/614751"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.securityfocus.com/bid/96244"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.kb.cert.org/vuls/id/614751"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.securityfocus.com/bid/96244"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "cret@cert.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}