CVE-2020-12246 - OpenCVE

Beeline Smart Box 2.0.38 routers allow "Advanced settings > Other > Diagnostics" OS command injection via the Ping ping_ipaddr parameter, the Nslookup nslookup_ipaddr parameter, or the Traceroute traceroute_ipaddr parameter.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Beeline	Smart Box Firmware Smart Box

Configuration 1 [-]

AND

cpe:2.3:o:beeline:smart_box_firmware:2.0.38:*:*:*:*:*:*:*

cpe:2.3:h:beeline:smart_box:-:*:*:*:*:*:*:*

References

Link	Resource
https://medium.com/%40Pavel.Step/security-analysis-of-the-smart-box-router-932f86dc8a9e
https://yadi.sk/i/YdfXr-ofAN2ZWA	Exploit Third Party Advisory
https://yadi.sk/i/iIUCJVaGEuSaAw	Exploit Third Party Advisory
https://yadi.sk/i/jXV87yn4ZJfSHA	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2020-04-29T12:34:24

Updated: 2020-04-29T12:34:24

Reserved: 2020-04-24T00:00:00

Link: CVE-2020-12246

JSON object: View

NVD Information

Status : Modified

Published: 2020-04-29T13:15:11.697

Modified: 2023-11-07T03:15:20.570

Link: CVE-2020-12246

JSON object: View

Redhat Information

No data.

CWE

CWE-78

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Beeline Smart Box 2.0.38 routers allow \"Advanced settings > Other > Diagnostics\" OS command injection via the Ping ping_ipaddr parameter, the Nslookup nslookup_ipaddr parameter, or the Traceroute traceroute_ipaddr parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-04-29T12:34:24", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://yadi.sk/i/YdfXr-ofAN2ZWA"}, {"tags": ["x_refsource_MISC"], "url": "https://yadi.sk/i/iIUCJVaGEuSaAw"}, {"tags": ["x_refsource_MISC"], "url": "https://yadi.sk/i/jXV87yn4ZJfSHA"}, {"tags": ["x_refsource_MISC"], "url": "https://medium.com/%40Pavel.Step/security-analysis-of-the-smart-box-router-932f86dc8a9e"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-12246", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Beeline Smart Box 2.0.38 routers allow \"Advanced settings > Other > Diagnostics\" OS command injection via the Ping ping_ipaddr parameter, the Nslookup nslookup_ipaddr parameter, or the Traceroute traceroute_ipaddr parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://yadi.sk/i/YdfXr-ofAN2ZWA", "refsource": "MISC", "url": "https://yadi.sk/i/YdfXr-ofAN2ZWA"}, {"name": "https://yadi.sk/i/iIUCJVaGEuSaAw", "refsource": "MISC", "url": "https://yadi.sk/i/iIUCJVaGEuSaAw"}, {"name": "https://yadi.sk/i/jXV87yn4ZJfSHA", "refsource": "MISC", "url": "https://yadi.sk/i/jXV87yn4ZJfSHA"}, {"name": "https://medium.com/@Pavel.Step/security-analysis-of-the-smart-box-router-932f86dc8a9e", "refsource": "MISC", "url": "https://medium.com/@Pavel.Step/security-analysis-of-the-smart-box-router-932f86dc8a9e"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-12246", "datePublished": "2020-04-29T12:34:24", "dateReserved": "2020-04-24T00:00:00", "dateUpdated": "2020-04-29T12:34:24", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:beeline:smart_box_firmware:2.0.38:*:*:*:*:*:*:*", "matchCriteriaId": "B5BF971B-9050-4901-9B08-791063510E9C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:beeline:smart_box:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6D7F06F-270C-44E4-9E64-E3576D48A546", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Beeline Smart Box 2.0.38 routers allow \"Advanced settings > Other > Diagnostics\" OS command injection via the Ping ping_ipaddr parameter, the Nslookup nslookup_ipaddr parameter, or the Traceroute traceroute_ipaddr parameter."}, {"lang": "es", "value": "Los routers Beeline Smart Box versi\u00f3n 2.0.38, permiten una inyecci\u00f3n de comando del Sistema Operativo de \"Advanced settings ) Other ) Diagnostics\" por medio del par\u00e1metro Ping ping_ipaddr, el par\u00e1metro Nslookup nslookup_ipaddr, o el par\u00e1metro Traceroute traceroute_ipaddr."}], "id": "CVE-2020-12246", "lastModified": "2023-11-07T03:15:20.570", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-29T13:15:11.697", "references": [{"source": "cve@mitre.org", "url": "https://medium.com/%40Pavel.Step/security-analysis-of-the-smart-box-router-932f86dc8a9e"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://yadi.sk/i/YdfXr-ofAN2ZWA"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://yadi.sk/i/iIUCJVaGEuSaAw"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://yadi.sk/i/jXV87yn4ZJfSHA"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}