CVE-2024-4022 - OpenCVE

A vulnerability was found in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 up to 4.1.2.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /version.js of the component Version Data Handler. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-261674 is the identifier assigned to this vulnerability. NOTE: The vendor is aware of this issue and plans to fix it by the end of 2024.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://netsecfish.notion.site/Information-Disclosure-in-Keenetic-Router-d4a12a499cef4acf80e191bdaf20c151?pvs=4
https://vuldb.com/?ctiid.261674
https://vuldb.com/?id.261674
https://vuldb.com/?submit.316276

History

No history.

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-04-21T10:31:04.754Z

Updated: 2024-08-01T20:26:57.265Z

Reserved: 2024-04-20T13:51:21.888Z

Link: CVE-2024-4022

Vulnrichment

Updated: 2024-08-01T20:26:57.265Z

NVD

Status : Awaiting Analysis

Published: 2024-04-21T11:15:33.610

Modified: 2024-05-17T02:40:13.413

Link: CVE-2024-4022

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4022", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2024-04-20T13:51:21.888Z", "datePublished": "2024-04-21T10:31:04.754Z", "dateUpdated": "2024-08-01T20:26:57.265Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2024-04-22T12:38:32.107Z"}, "title": "Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-200", "lang": "en", "description": "CWE-200 Information Disclosure"}]}], "affected": [{"vendor": "Keenetic", "product": "KN-1010", "versions": [{"version": "1.6.49", "status": "affected"}, {"version": "3.5.68", "status": "affected"}, {"version": "3.7.77", "status": "affected"}, {"version": "4.0.2.215", "status": "affected"}, {"version": "4.1.2.14", "status": "affected"}, {"version": "4.1.2.15", "status": "affected"}], "modules": ["Version Data Handler"]}, {"vendor": "Keenetic", "product": "KN-1410", "versions": [{"version": "1.6.49", "status": "affected"}, {"version": "3.5.68", "status": "affected"}, {"version": "3.7.77", "status": "affected"}, {"version": "4.0.2.215", "status": "affected"}, {"version": "4.1.2.14", "status": "affected"}, {"version": "4.1.2.15", "status": "affected"}], "modules": ["Version Data Handler"]}, {"vendor": "Keenetic", "product": "KN-1711", "versions": [{"version": "1.6.49", "status": "affected"}, {"version": "3.5.68", "status": "affected"}, {"version": "3.7.77", "status": "affected"}, {"version": "4.0.2.215", "status": "affected"}, {"version": "4.1.2.14", "status": "affected"}, {"version": "4.1.2.15", "status": "affected"}], "modules": ["Version Data Handler"]}, {"vendor": "Keenetic", "product": "KN-1810", "versions": [{"version": "1.6.49", "status": "affected"}, {"version": "3.5.68", "status": "affected"}, {"version": "3.7.77", "status": "affected"}, {"version": "4.0.2.215", "status": "affected"}, {"version": "4.1.2.14", "status": "affected"}, {"version": "4.1.2.15", "status": "affected"}], "modules": ["Version Data Handler"]}, {"vendor": "Keenetic", "product": "KN-1910", "versions": [{"version": "1.6.49", "status": "affected"}, {"version": "3.5.68", "status": "affected"}, {"version": "3.7.77", "status": "affected"}, {"version": "4.0.2.215", "status": "affected"}, {"version": "4.1.2.14", "status": "affected"}, {"version": "4.1.2.15", "status": "affected"}], "modules": ["Version Data Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 up to 4.1.2.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /version.js of the component Version Data Handler. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-261674 is the identifier assigned to this vulnerability. NOTE: The vendor is aware of this issue and plans to fix it by the end of 2024."}, {"lang": "de", "value": "Eine problematische Schwachstelle wurde in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 bis 4.1.2.15 ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /version.js der Komponente Version Data Handler. Mittels Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "timeline": [{"time": "2024-04-20T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2024-04-20T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2024-04-22T14:43:26.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "netsecfish (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.261674", "name": "VDB-261674 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.261674", "name": "VDB-261674 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.316276", "name": "Submit #316276 | Keenetic Omni Router, Carrier Router, Viva Router, Ultra Router, Ultra II Router, Giga Router * 4.1.2.15/4.1.2.14/4.0.2.215/3.7.77/3.5.68/1.6.49 Information Disclosure", "tags": ["third-party-advisory"]}, {"url": "https://netsecfish.notion.site/Information-Disclosure-in-Keenetic-Router-d4a12a499cef4acf80e191bdaf20c151?pvs=4", "tags": ["exploit"]}]}, "adp": [{"affected": [{"vendor": "keenetic", "product": "kn_1010", "cpes": ["cpe:2.3:a:keenetic:kn_1010:1.6.49:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.6.49", "status": "affected"}, {"version": "3.5.68", "status": "affected"}, {"version": "3.7.77", "status": "affected"}, {"version": "4.0.2.215", "status": "affected"}, {"version": "4.1.2.14", "status": "affected"}, {"version": "4.1.2.15", "status": "affected"}]}, {"vendor": "keenetic", "product": "kn-1410", "cpes": ["cpe:2.3:a:keenetic:kn-1410:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.6.49", "status": "affected"}, {"version": "3.5.68", "status": "affected"}, {"version": "3.7.77", "status": "affected"}, {"version": "4.0.2.215", "status": "affected"}, {"version": "4.1.2.14", "status": "affected"}, {"version": "4.1.2.15", "status": "affected"}]}, {"vendor": "keenetic", "product": "kn-1711", "cpes": ["cpe:2.3:a:keenetic:kn-1711:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.6.49", "status": "affected"}, {"version": "3.5.68", "status": "affected"}, {"version": "3.7.77", "status": "affected"}, {"version": "4.0.2.215", "status": "affected"}, {"version": "4.1.2.14", "status": "affected"}, {"version": "4.1.2.15", "status": "affected"}]}, {"vendor": "keenetic", "product": "kn-1810", "cpes": ["cpe:2.3:a:keenetic:kn-1810:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.6.49", "status": "affected"}, {"version": "3.5.68", "status": "affected"}, {"version": "3.7.77", "status": "affected"}, {"version": "4.0.2.215", "status": "affected"}, {"version": "4.1.2.14", "status": "affected"}, {"version": "4.1.2.15", "status": "affected"}]}, {"vendor": "keenetic", "product": "kn-1910", "cpes": ["cpe:2.3:a:keenetic:kn-1910:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "1.6.49", "status": "affected"}, {"version": "3.5.68", "status": "affected"}, {"version": "3.7.77", "status": "affected"}, {"version": "4.0.2.215", "status": "affected"}, {"version": "4.1.2.14", "status": "affected"}, {"version": "4.1.2.15", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-05-20T17:21:24.240562Z", "id": "CVE-2024-4022", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-03T15:30:56.172Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:26:57.265Z"}, "title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.261674", "name": "VDB-261674 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure", "tags": ["vdb-entry", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.261674", "name": "VDB-261674 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://vuldb.com/?submit.316276", "name": "Submit #316276 | Keenetic Omni Router, Carrier Router, Viva Router, Ultra Router, Ultra II Router, Giga Router * 4.1.2.15/4.1.2.14/4.0.2.215/3.7.77/3.5.68/1.6.49 Information Disclosure", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://netsecfish.notion.site/Information-Disclosure-in-Keenetic-Router-d4a12a499cef4acf80e191bdaf20c151?pvs=4", "tags": ["exploit", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://vuldb.com/?id.261674", "name": "VDB-261674 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure", "tags": ["vdb-entry", "x_transferred"]}, {"url": "https://vuldb.com/?ctiid.261674", "name": "VDB-261674 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required", "x_transferred"]}, {"url": "https://vuldb.com/?submit.316276", "name": "Submit #316276 | Keenetic Omni Router, Carrier Router, Viva Router, Ultra Router, Ultra II Router, Giga Router * 4.1.2.15/4.1.2.14/4.0.2.215/3.7.77/3.5.68/1.6.49 Information Disclosure", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://netsecfish.notion.site/Information-Disclosure-in-Keenetic-Router-d4a12a499cef4acf80e191bdaf20c151?pvs=4", "tags": ["exploit", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:26:57.265Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4022", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-20T17:21:24.240562Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:keenetic:kn_1010:1.6.49:*:*:*:*:*:*:*"], "vendor": "keenetic", "product": "kn_1010", "versions": [{"status": "affected", "version": "1.6.49"}, {"status": "affected", "version": "3.5.68"}, {"status": "affected", "version": "3.7.77"}, {"status": "affected", "version": "4.0.2.215"}, {"status": "affected", "version": "4.1.2.14"}, {"status": "affected", "version": "4.1.2.15"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:keenetic:kn-1410:*:*:*:*:*:*:*:*"], "vendor": "keenetic", "product": "kn-1410", "versions": [{"status": "affected", "version": "1.6.49"}, {"status": "affected", "version": "3.5.68"}, {"status": "affected", "version": "3.7.77"}, {"status": "affected", "version": "4.0.2.215"}, {"status": "affected", "version": "4.1.2.14"}, {"status": "affected", "version": "4.1.2.15"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:keenetic:kn-1711:*:*:*:*:*:*:*:*"], "vendor": "keenetic", "product": "kn-1711", "versions": [{"status": "affected", "version": "1.6.49"}, {"status": "affected", "version": "3.5.68"}, {"status": "affected", "version": "3.7.77"}, {"status": "affected", "version": "4.0.2.215"}, {"status": "affected", "version": "4.1.2.14"}, {"status": "affected", "version": "4.1.2.15"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:keenetic:kn-1810:*:*:*:*:*:*:*:*"], "vendor": "keenetic", "product": "kn-1810", "versions": [{"status": "affected", "version": "1.6.49"}, {"status": "affected", "version": "3.5.68"}, {"status": "affected", "version": "3.7.77"}, {"status": "affected", "version": "4.0.2.215"}, {"status": "affected", "version": "4.1.2.14"}, {"status": "affected", "version": "4.1.2.15"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:keenetic:kn-1910:*:*:*:*:*:*:*:*"], "vendor": "keenetic", "product": "kn-1910", "versions": [{"status": "affected", "version": "1.6.49"}, {"status": "affected", "version": "3.5.68"}, {"status": "affected", "version": "3.7.77"}, {"status": "affected", "version": "4.0.2.215"}, {"status": "affected", "version": "4.1.2.14"}, {"status": "affected", "version": "4.1.2.15"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-03T15:07:16.034Z"}}], "cna": {"title": "Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure", "credits": [{"lang": "en", "type": "reporter", "value": "netsecfish (VulDB User)"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "affected": [{"vendor": "Keenetic", "modules": ["Version Data Handler"], "product": "KN-1010", "versions": [{"status": "affected", "version": "1.6.49"}, {"status": "affected", "version": "3.5.68"}, {"status": "affected", "version": "3.7.77"}, {"status": "affected", "version": "4.0.2.215"}, {"status": "affected", "version": "4.1.2.14"}, {"status": "affected", "version": "4.1.2.15"}]}, {"vendor": "Keenetic", "modules": ["Version Data Handler"], "product": "KN-1410", "versions": [{"status": "affected", "version": "1.6.49"}, {"status": "affected", "version": "3.5.68"}, {"status": "affected", "version": "3.7.77"}, {"status": "affected", "version": "4.0.2.215"}, {"status": "affected", "version": "4.1.2.14"}, {"status": "affected", "version": "4.1.2.15"}]}, {"vendor": "Keenetic", "modules": ["Version Data Handler"], "product": "KN-1711", "versions": [{"status": "affected", "version": "1.6.49"}, {"status": "affected", "version": "3.5.68"}, {"status": "affected", "version": "3.7.77"}, {"status": "affected", "version": "4.0.2.215"}, {"status": "affected", "version": "4.1.2.14"}, {"status": "affected", "version": "4.1.2.15"}]}, {"vendor": "Keenetic", "modules": ["Version Data Handler"], "product": "KN-1810", "versions": [{"status": "affected", "version": "1.6.49"}, {"status": "affected", "version": "3.5.68"}, {"status": "affected", "version": "3.7.77"}, {"status": "affected", "version": "4.0.2.215"}, {"status": "affected", "version": "4.1.2.14"}, {"status": "affected", "version": "4.1.2.15"}]}, {"vendor": "Keenetic", "modules": ["Version Data Handler"], "product": "KN-1910", "versions": [{"status": "affected", "version": "1.6.49"}, {"status": "affected", "version": "3.5.68"}, {"status": "affected", "version": "3.7.77"}, {"status": "affected", "version": "4.0.2.215"}, {"status": "affected", "version": "4.1.2.14"}, {"status": "affected", "version": "4.1.2.15"}]}], "timeline": [{"lang": "en", "time": "2024-04-20T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2024-04-20T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2024-04-22T14:43:26.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.261674", "name": "VDB-261674 | Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.261674", "name": "VDB-261674 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.316276", "name": "Submit #316276 | Keenetic Omni Router, Carrier Router, Viva Router, Ultra Router, Ultra II Router, Giga Router * 4.1.2.15/4.1.2.14/4.0.2.215/3.7.77/3.5.68/1.6.49 Information Disclosure", "tags": ["third-party-advisory"]}, {"url": "https://netsecfish.notion.site/Information-Disclosure-in-Keenetic-Router-d4a12a499cef4acf80e191bdaf20c151?pvs=4", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 up to 4.1.2.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /version.js of the component Version Data Handler. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-261674 is the identifier assigned to this vulnerability. NOTE: The vendor is aware of this issue and plans to fix it by the end of 2024."}, {"lang": "de", "value": "Eine problematische Schwachstelle wurde in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 bis 4.1.2.15 ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /version.js der Komponente Version Data Handler. Mittels Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Information Disclosure"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2024-04-22T12:38:32.107Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4022", "state": "PUBLISHED", "dateUpdated": "2024-08-01T20:26:57.265Z", "dateReserved": "2024-04-20T13:51:21.888Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2024-04-21T10:31:04.754Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Keenetic KN-1010, KN-1410, KN-1711, KN-1810 and KN-1910 up to 4.1.2.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /version.js of the component Version Data Handler. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-261674 is the identifier assigned to this vulnerability. NOTE: The vendor is aware of this issue and plans to fix it by the end of 2024."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en Keenetic KN-1010, KN-1410, KN-1711, KN-1810 y KN-1910 hasta 4.1.2.15. Ha sido calificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo /version.js del componente Version Data Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a la divulgaci\u00f3n de informaci\u00f3n. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-261674 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."}], "id": "CVE-2024-4022", "lastModified": "2024-05-17T02:40:13.413", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2024-04-21T11:15:33.610", "references": [{"source": "cna@vuldb.com", "url": "https://netsecfish.notion.site/Information-Disclosure-in-Keenetic-Router-d4a12a499cef4acf80e191bdaf20c151?pvs=4"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.261674"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.261674"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.316276"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "cna@vuldb.com", "type": "Primary"}]}