// For flags

CVE-2019-3404

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C.

Al agregar algunos campos especiales en la función de uri ofrouter app, el usuario podría abusar de las funciones cgi de la aplicación en segundo plano sin necesidad de autenticación. Esto afecta a los enrutadores P0 y F5C de 360.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2018-12-19 CVE Reserved
  • 2020-03-04 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
360
Search vendor "360"
P0 Router Firmware
Search vendor "360" for product "P0 Router Firmware"
3.1.1.65150
Search vendor "360" for product "P0 Router Firmware" and version "3.1.1.65150"
-
Affected
in 360
Search vendor "360"
P0 Router
Search vendor "360" for product "P0 Router"
--
Safe
360
Search vendor "360"
F5c Router Firmware
Search vendor "360" for product "F5c Router Firmware"
3.1.1.65150
Search vendor "360" for product "F5c Router Firmware" and version "3.1.1.65150"
-
Affected
in 360
Search vendor "360"
F5c Router
Search vendor "360" for product "F5c Router"
--
Safe