CVE-2019-13407 – Advan VD-1 has a reflected XSS vulnerability in page cgibin/ssi.cgi
https://notcve.org/view.php?id=CVE-2019-13407
A XSS found in Advan VD-1 firmware versions up to 230. VD-1 responses a path error message when a requested resource was not found in page cgibin/ssi.cgi. It leads to a reflected XSS because the error message does not escape properly. Un XSS encontrado en las versiones de firmware Advan VD-1 hasta 230. VD-1 responde a un mensaje de error de ruta de acceso cuando no se encontró un recurso solicitado en la página cgibin/ssi.cgi. • http://surl.twcert.org.tw/SpTwh https://gist.github.com/keniver/f5155b42eb278ec0273b83565b64235b#file-androvideo-advan-vd-1-multiple-vulnerabilities-md https://tvn.twcert.org.tw/taiwanvn/TVN-201906008 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-13406 – Advan VD-1 has a vulnerability that allows remote arbitrary APK installation
https://notcve.org/view.php?id=CVE-2019-13406
A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An attacker can send a POST request to cgibin/ApkUpload.cgi to install arbitrary APK without any authentication. Una vulnerabilidad de control de acceso rota encontrada en las versiones de firmware de Advan VD-1 hasta 230. Un atacante puede enviar una solicitud POST a cgibin/ApkUpload.cgi para instalar APK arbitrario sin ninguna autenticación. • http://surl.twcert.org.tw/hVut7 https://gist.github.com/keniver/f5155b42eb278ec0273b83565b64235b#file-androvideo-advan-vd-1-multiple-vulnerabilities-md https://tvn.twcert.org.tw/taiwanvn/TVN-201906007 • CWE-306: Missing Authentication for Critical Function •
CVE-2019-13405 – Advan VD-1 allows a remote user to enable Android Debug Bridge without any authentication
https://notcve.org/view.php?id=CVE-2019-13405
A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure ADB service. An attacker can send a POST request to cgibin/AdbSetting.cgi to enable ADB without any authentication then take the compromised device as a relay or to install mining software. Una vulnerabilidad de control de acceso rota encontrada en la versión 230 del firmware de Advan VD-1 conduce a un servicio ADB inseguro. Un atacante puede enviar una solicitud POST a cgibin/AdbSetting.cgi para habilitar ADB sin ninguna autenticación y, a continuación, tomar el dispositivo comprometido como una retransmisión o instalar software de minería de datos. • http://surl.twcert.org.tw/VeNHn https://gist.github.com/keniver/f5155b42eb278ec0273b83565b64235b#file-androvideo-advan-vd-1-multiple-vulnerabilities-md https://tvn.twcert.org.tw/taiwanvn/TVN-201906006 • CWE-306: Missing Authentication for Critical Function •
CVE-2019-11064 – A vulnerability of remote credential disclosure was discovered in Advan VD-1
https://notcve.org/view.php?id=CVE-2019-11064
A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. An attacker can export system configuration which is not encrypted to get the administrator’s account and password in plain text via cgibin/ExportSettings.cgi?Export=1 without any authentication. Se descubrió una vulnerabilidad de divulgación remota de credenciales en las versiones de firmware Advan VD-1 hasta 230. Un atacante puede exportar la configuración del sistema que no está encriptada para obtener la cuenta y la contraseña del administrador en texto plano a través de cgibin / ExportSettings.cgi? • http://surl.twcert.org.tw/gCDQN https://gist.github.com/keniver/f5155b42eb278ec0273b83565b64235b#file-androvideo-advan-vd-1-multiple-vulnerabilities-md https://tvn.twcert.org.tw/taiwanvn/TVN-201906005 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-287: Improper Authentication •
CVE-2019-13408 – Advan VD-1 allows users to download arbitrary files
https://notcve.org/view.php?id=CVE-2019-13408
A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without any authentication. Una vulnerabilidad de recorrido de ruta relativa encontrada en las versiones de firmware de Advan VD-1 hasta 230. Permite a los atacantes descargar archivos arbitrarios a través de url cgibin/ExportSettings.cgi? • http://surl.twcert.org.tw/2bvXq https://gist.github.com/keniver/f5155b42eb278ec0273b83565b64235b#file-androvideo-advan-vd-1-multiple-vulnerabilities-md https://tvn.twcert.org.tw/taiwanvn/TVN-201906009 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal CWE-862: Missing Authorization •