CVE-2019-16340 - OpenCVE

Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linksys	Velop Whw0301 Velop Whw0301 Firmware Velop Whw0302 Velop Whw0302 Firmware Velop Whw0303 Velop Whw0303 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:linksys:velop_whw0303_firmware:1.1.8.192419:*:*:*:*:*:*:*

cpe:2.3:h:linksys:velop_whw0303:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:linksys:velop_whw0302_firmware:1.1.8.192419:*:*:*:*:*:*:*

cpe:2.3:h:linksys:velop_whw0302:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:linksys:velop_whw0301_firmware:1.1.8.192419:*:*:*:*:*:*:*

cpe:2.3:h:linksys:velop_whw0301:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://s3.amazonaws.com/downloads.linksys.com/support/assets/releasenotes/WHW03_A03_Velop_Customer_Release_Notes_1.1.9.195026.txt
https://puzzor.github.io/Linksys-Velop-Authentication-bypass
https://www.linksys.com/us/support-article?articleNum=207568

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-11-21T14:49:17

Updated: 2024-08-05T01:10:41.731Z

Reserved: 2019-09-15T00:00:00

Link: CVE-2019-16340

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-11-21T15:15:13.887

Modified: 2021-07-21T11:39:23.747

Link: CVE-2019-16340

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-11-21T14:49:17", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://s3.amazonaws.com/downloads.linksys.com/support/assets/releasenotes/WHW03_A03_Velop_Customer_Release_Notes_1.1.9.195026.txt"}, {"tags": ["x_refsource_MISC"], "url": "https://puzzor.github.io/Linksys-Velop-Authentication-bypass"}, {"tags": ["x_refsource_MISC"], "url": "https://www.linksys.com/us/support-article?articleNum=207568"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-16340", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://s3.amazonaws.com/downloads.linksys.com/support/assets/releasenotes/WHW03_A03_Velop_Customer_Release_Notes_1.1.9.195026.txt", "refsource": "MISC", "url": "http://s3.amazonaws.com/downloads.linksys.com/support/assets/releasenotes/WHW03_A03_Velop_Customer_Release_Notes_1.1.9.195026.txt"}, {"name": "https://puzzor.github.io/Linksys-Velop-Authentication-bypass", "refsource": "MISC", "url": "https://puzzor.github.io/Linksys-Velop-Authentication-bypass"}, {"name": "https://www.linksys.com/us/support-article?articleNum=207568", "refsource": "MISC", "url": "https://www.linksys.com/us/support-article?articleNum=207568"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T01:10:41.731Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://s3.amazonaws.com/downloads.linksys.com/support/assets/releasenotes/WHW03_A03_Velop_Customer_Release_Notes_1.1.9.195026.txt"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://puzzor.github.io/Linksys-Velop-Authentication-bypass"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.linksys.com/us/support-article?articleNum=207568"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-16340", "datePublished": "2019-11-21T14:49:17", "dateReserved": "2019-09-15T00:00:00", "dateUpdated": "2024-08-05T01:10:41.731Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:velop_whw0303_firmware:1.1.8.192419:*:*:*:*:*:*:*", "matchCriteriaId": "66DE8885-06EB-466B-AE4F-110472824DC5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:velop_whw0303:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB42BD0C-999A-4FE3-BFBB-50F57DC3527A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:velop_whw0302_firmware:1.1.8.192419:*:*:*:*:*:*:*", "matchCriteriaId": "4A248B91-D3AB-4DBB-8C0E-5AF7DE1ECFA6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:velop_whw0302:-:*:*:*:*:*:*:*", "matchCriteriaId": "9EB87A6D-6631-4279-8D18-E7A971B4D3E0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:velop_whw0301_firmware:1.1.8.192419:*:*:*:*:*:*:*", "matchCriteriaId": "7BA2C0AA-60FB-4B4A-93DE-46052A951FA0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:velop_whw0301:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7CCD20D-468C-463F-8F79-D849128C1DEC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key via a direct request for the /sysinfo_json.cgi URI."}, {"lang": "es", "value": "Los dispositivos Belkin Linksys Velop versi\u00f3n 1.1.8.192419, permiten a atacantes remotos detectar la clave de recuperaci\u00f3n mediante una petici\u00f3n directa para el URI /sysinfo_json.cgi."}], "id": "CVE-2019-16340", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-21T15:15:13.887", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://s3.amazonaws.com/downloads.linksys.com/support/assets/releasenotes/WHW03_A03_Velop_Customer_Release_Notes_1.1.9.195026.txt"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://puzzor.github.io/Linksys-Velop-Authentication-bypass"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.linksys.com/us/support-article?articleNum=207568"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-425"}], "source": "nvd@nist.gov", "type": "Primary"}]}