CVE-2019-7564

Published: May 7, 2019Modified: Nov 21, 2024

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An issue was discovered on Shenzhen Coship WM3300 WiFi Router 5.0.0.55 devices. The password reset functionality of the Wireless SSID doesn't require any type of authentication. By making a POST request to the regx/wireless/wl_security_2G.asp URI, the attacker can change the password of the Wi-FI network.

Affected (5)

Products: Coship: Rt3052 Firmware, Rt3050 Firmware, Wm3300 Firmware, Rt7620 Firmware

4 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Coship Rt3052 Firmware	Version 4.0.0.48

Running on/with	Platform Versions
Coship Rt3052	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Coship Rt3050 Firmware	Version 4.0.0.40

Running on/with	Platform Versions
Coship Rt3050	All versions

Configuration C

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Coship Wm3300 Firmware	Version 5.0.0.54
Coship Wm3300 Firmware	Version 5.0.0.55

Running on/with	Platform Versions
Coship Wm3300	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Coship Rt7620 Firmware	Version 10.0.0.49

Running on/with	Platform Versions
Coship Rt7620	All versions

Related CWEs

CWE-306

Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

References (2)

http://packetstormsecurity.com/files/151595/Coship-Wireless-Router-4.0.0.x-5.0.0.x-Authentication-Bypass.html

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/151595/Coship-Wireless-Router-4.0.0.x-5.0.0.x-Authentication-Bypass.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

Timeline

No history available yet.