{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2018-16739", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-09-11T19:33:34.616Z", "dateReserved": "2018-09-09T00:00:00", "datePublished": "2023-10-26T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-10-26T21:01:58.444601"}, "descriptions": [{"lang": "en", "value": "An issue was discovered on certain ABUS TVIP devices. Due to a path traversal in /opt/cgi/admin/filewrite, an attacker can write to files, and thus execute code arbitrarily with root privileges."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://sec.maride.cc/posts/abus/"}, {"url": "https://www.ccc.de/en/updates/2019/update-nicht-verfugbar-hersteller-nicht-zu-erreichen"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T10:32:53.987Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.maride.cc/posts/abus/", "tags": ["x_transferred"]}, {"url": "https://www.ccc.de/en/updates/2019/update-nicht-verfugbar-hersteller-nicht-zu-erreichen", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-22", "lang": "en", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "affected": [{"vendor": "abus", "product": "tvip_72500_firmware", "cpes": ["cpe:2.3:o:abus:tvip_10000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10001_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10005a_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10005b_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10005_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10051_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10055a_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10055b_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11501_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11502_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11551_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11552_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_20000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_20050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_20500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_20550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21501_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21502_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21551_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21552_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_22500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31001_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31501_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31551_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_32500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_51500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_51550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_71500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_71501_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_71550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_71551_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_72500_firmware:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-09-11T19:31:27.757792Z", "id": "CVE-2018-16739", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T19:33:34.616Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://sec.maride.cc/posts/abus/", "tags": ["x_transferred"]}, {"url": "https://www.ccc.de/en/updates/2019/update-nicht-verfugbar-hersteller-nicht-zu-erreichen", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T10:32:53.987Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2018-16739", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-11T19:31:27.757792Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:abus:tvip_10000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10001_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10005a_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10005b_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10005_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10051_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10055a_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10055b_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_10550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11501_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11502_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11551_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_11552_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_20000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_20050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_20500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_20550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21501_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21502_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21551_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_21552_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_22500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31000_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31001_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31050_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31501_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_31551_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_32500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_51500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_51550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_71500_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_71501_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_71550_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_71551_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:abus:tvip_72500_firmware:-:*:*:*:*:*:*:*"], "vendor": "abus", "product": "tvip_72500_firmware", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T19:33:00.362Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://sec.maride.cc/posts/abus/"}, {"url": "https://www.ccc.de/en/updates/2019/update-nicht-verfugbar-hersteller-nicht-zu-erreichen"}], "descriptions": [{"lang": "en", "value": "An issue was discovered on certain ABUS TVIP devices. Due to a path traversal in /opt/cgi/admin/filewrite, an attacker can write to files, and thus execute code arbitrarily with root privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-10-26T21:01:58.444601"}}}, "cveMetadata": {"cveId": "CVE-2018-16739", "state": "PUBLISHED", "dateUpdated": "2024-09-11T19:33:34.616Z", "dateReserved": "2018-09-09T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2023-10-26T00:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_10000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9144BC4E-91A4-4A1A-89B9-535295183F54", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_10000:-:*:*:*:*:*:*:*", "matchCriteriaId": "E98C9AC1-8D41-4A5C-AA3C-EB9CD7D2A691", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_10001_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5DCCB0D4-4BE3-44DC-8975-7B27BCE0A2A3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_10001:-:*:*:*:*:*:*:*", "matchCriteriaId": "F384CFCE-05F0-4B28-A66E-244D052394A8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_10005_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "17717053-AA2C-4651-8566-C92827911DED", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_10005:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7D15B68-26C3-459C-8B41-8E0FFCBF392E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_10005a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7DE41404-55E7-40C5-8AB2-D7343F17B419", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_10005a:-:*:*:*:*:*:*:*", "matchCriteriaId": "780CA464-631C-4A53-88BF-91C367D55489", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_10005b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA1458F9-A2A1-4E38-A3E6-CEDC2B8B1BF6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_10005b:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BBA121A-21EA-4F5F-98F0-3CAB481226A8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_10050_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2845AE9D-F8CE-48C8-BFA2-EC90B6147492", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_10050:-:*:*:*:*:*:*:*", "matchCriteriaId": "CCBF12F4-97E5-425C-9827-62A550DF1AA4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_10051_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "89F4474E-5C0E-4F5D-8FF6-FC626FA402D4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_10051:-:*:*:*:*:*:*:*", "matchCriteriaId": "C092AFA7-C69A-4E8C-81E1-D0B3F977D182", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_10055a_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE1361CE-D6BD-4BF1-8468-24A79083E95B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_10055a:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8C43ABC-BCF0-43A2-BE11-54ACB029B81D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_10055b_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "093C67F5-229D-425B-BA55-1003D8E152E9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_10055b:-:*:*:*:*:*:*:*", "matchCriteriaId": "C070C04A-9550-4865-B93D-871EA7FB57F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_10500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B909BEF4-D1A0-4F5C-A1AF-3AD80DAE044B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_10500:-:*:*:*:*:*:*:*", "matchCriteriaId": "8640FFAB-64EF-4F8E-BC37-2F31B4897908", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_10550_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "367666E1-9187-4F86-A61F-7579F26DD2BE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_10550:-:*:*:*:*:*:*:*", "matchCriteriaId": "95B9149F-B64D-46AB-89C2-6A372D99B195", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_11000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6D4C6633-6EF1-4E00-A66D-8B2FE7FEA6EB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_11000:-:*:*:*:*:*:*:*", "matchCriteriaId": "AFD5E636-C567-428B-AD6C-8C83C9C2130C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_11050_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DAF26928-89A1-415A-9455-DC6838C4DB6F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_11050:-:*:*:*:*:*:*:*", "matchCriteriaId": "E3064C5A-2636-4F19-BA74-3B7DB5E3205F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_11500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1F8DA21-4B54-49EC-9131-364161E51AA1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_11500:-:*:*:*:*:*:*:*", "matchCriteriaId": "D81AF7E6-FC02-4690-B48C-C56AB647B237", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_11501_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "81A1A634-5EF3-4AAC-A879-D93BFBECFB65", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_11501:-:*:*:*:*:*:*:*", "matchCriteriaId": "756F578A-684C-4251-BD20-0C0DBDB776AE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_11502_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "99F838E2-AD75-4F23-B573-879D8748268E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_11502:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4AFEA18-87EB-4BF2-9A33-9762360F8001", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_11550_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C21A972-2338-42F3-AA69-9ED4E3A1E47D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_11550:-:*:*:*:*:*:*:*", "matchCriteriaId": "A17E5F58-6BFC-43CE-98DC-794A1A4E2721", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_11551_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A93BBAB-6592-438C-A227-9CB1A83935E1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_11551:-:*:*:*:*:*:*:*", "matchCriteriaId": "A62A9DEC-FE52-4D22-92C2-F0F21E617F34", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_11552_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "29F0FFF9-C289-46B1-B9C9-D4294DDC309D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_11552:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEB53FA3-2608-4EE5-9DC2-18BAD23B89AE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_20000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5C17F0D-E343-4A27-A9A6-381CC195A1D5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_20000:-:*:*:*:*:*:*:*", "matchCriteriaId": "9628E80A-8B6C-489B-95F4-CB40B7BAF075", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_20050_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C272C2B8-69B7-4027-AD59-37CECE151410", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_20050:-:*:*:*:*:*:*:*", "matchCriteriaId": "B08D902E-185E-4D47-A6B1-69049B8DF93A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_20500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F9455F2-2597-418C-8D96-2BCFA1711B33", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_20500:-:*:*:*:*:*:*:*", "matchCriteriaId": "0E1FFF1B-D8DB-47F1-A517-B95F7821F001", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_20550_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BD301A02-166A-4CE9-BD2B-2995056206B6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_20550:-:*:*:*:*:*:*:*", "matchCriteriaId": "137CFC37-D4A7-4737-9149-3401AD671A93", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_21000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F29D4A8-1F11-442E-B415-2847E18CB5F2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_21000:-:*:*:*:*:*:*:*", "matchCriteriaId": "348F6ACA-12BB-4DC3-87FC-977A2BF3E454", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_21050_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "39A58C15-0498-4387-A542-13EAAB6B2271", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_21050:-:*:*:*:*:*:*:*", "matchCriteriaId": "60C0E02E-650F-488A-869F-583F73C0420C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_21500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "360A43B1-917F-416F-9041-8B35AC476812", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_21500:-:*:*:*:*:*:*:*", "matchCriteriaId": "564A973F-5870-4AD4-8FC8-3408209BCF5F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_21501_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA9E3458-7EDB-4706-839C-827D9C2420E5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_21501:-:*:*:*:*:*:*:*", "matchCriteriaId": "950C6EB2-ADE0-43EB-AF21-C9A5E679C420", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_21502_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "68DCF678-BE22-4B97-BB84-DDA3CCBDA88D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_21502:-:*:*:*:*:*:*:*", "matchCriteriaId": "9A551E5C-7D4A-4795-907B-C8974324D65D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_21550_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "48F04526-3142-4F85-ABC6-5406A5899F75", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_21550:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AF1A30C-1046-432E-A83E-2FA5E75FEC5B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_21551_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "01A9F86E-A028-40E4-8BB1-749240C7D40F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_21551:-:*:*:*:*:*:*:*", "matchCriteriaId": "0FBF4E2F-DBE9-4CAE-ADA5-3C07E25FA78B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_21552_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7DEF5DB-A21A-4E01-9441-5DF937AABC70", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_21552:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABF07AEC-950F-49B7-BF85-DFB85A05FCA2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_22500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "847E6D72-AF4D-4507-B4FB-9FB508C3A0E6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_22500:-:*:*:*:*:*:*:*", "matchCriteriaId": "8CBE73FE-E600-4CCD-ACB7-D4FCD39014E6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_31000_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "14F54B2A-D24F-4FB8-A953-36FA926C0D08", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_31000:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0C33845-05BF-4B25-9B31-29C47A8AA629", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_31001_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "308F2955-40D5-4FE2-B779-12803AB6F489", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_31001:-:*:*:*:*:*:*:*", "matchCriteriaId": "0D5C4B91-4848-44C4-AF02-0D8E938C9630", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_31050_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "408481A3-94A4-4A1A-81DE-E09158424CB6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_31050:-:*:*:*:*:*:*:*", "matchCriteriaId": "75516F34-5150-45AC-A7BB-594A45FE57BF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_31500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "49174371-5619-44A1-9B21-0B5CE38C20DD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_31500:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB690F6C-6AAA-40FB-9C1E-DD5E6314BA52", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_31501_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D8AFC82-9812-4763-92FE-659399870A7E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_31501:-:*:*:*:*:*:*:*", "matchCriteriaId": "07B68920-6F84-4E0F-BBC2-1C76EE9AF600", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_31550_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE913DEA-B865-44C7-91EE-23438A25E3FD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_31550:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D7E6272-CAF4-4474-ADAB-3C3455BC2C80", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_31551_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6951D3F2-6596-48BE-AFC9-72FE14C608B4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_31551:-:*:*:*:*:*:*:*", "matchCriteriaId": "FAEA5DB8-B8FE-46BD-BAE4-2B09B560083E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_32500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE582096-284C-4D0D-BCC7-3574330E12EB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_32500:-:*:*:*:*:*:*:*", "matchCriteriaId": "9206A704-3FF7-467A-B5E5-AE7B5D3FC17D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_51500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "956527CA-9E4C-4CF8-84FD-1424AD749936", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_51500:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B4AD9D0-877D-48B0-A47C-6D25DFE040F3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_51550_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CC87A9E-695B-4833-A8DA-9FF9B13F4D1A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_51550:-:*:*:*:*:*:*:*", "matchCriteriaId": "69F03A19-FF00-427D-B30D-29C1EE33755A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_71500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D91AFC16-42B1-4EC5-8E73-D9996428B1C6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_71500:-:*:*:*:*:*:*:*", "matchCriteriaId": "7D51466D-4632-4D46-8D98-19316F124BA0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_71501_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6230FC4E-BB0E-43E8-B05C-965AEF360EB7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_71501:-:*:*:*:*:*:*:*", "matchCriteriaId": "95CADF3A-C72B-427F-A78B-86234D894802", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_71550_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C2D2FBB-3AFD-4E0E-BA8C-B657AB39AB49", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_71550:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1F52841-37D7-44A4-867F-49C77524FEA0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_71551_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "12BECD93-F2DC-4AC6-BC8A-70618334E04E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_71551:-:*:*:*:*:*:*:*", "matchCriteriaId": "0BE2FEE6-C772-4986-BFB0-D47E1471F1F0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:abus:tvip_72500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "13BDF3AA-E9C2-4168-8D62-F5C233309DF8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:abus:tvip_72500:-:*:*:*:*:*:*:*", "matchCriteriaId": "F2A87C21-5BED-46F3-BF1F-7C7A0BB0E720", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered on certain ABUS TVIP devices. Due to a path traversal in /opt/cgi/admin/filewrite, an attacker can write to files, and thus execute code arbitrarily with root privileges."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en ciertos dispositivos ABUS TVIP. Debido a un path traversal en /opt/cgi/admin/filewrite, un atacante puede escribir en archivos y, por lo tanto, ejecutar c\u00f3digo arbitrariamente con privilegios de root."}], "id": "CVE-2018-16739", "lastModified": "2024-09-11T20:35:01.253", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-10-26T22:15:08.333", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://sec.maride.cc/posts/abus/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.ccc.de/en/updates/2019/update-nicht-verfugbar-hersteller-nicht-zu-erreichen"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}