VDB-217593 · CVE-2018-25069 · cpai-2018-0721

Netis Netcore Router hard-coded password

A vulnerability classified as critical has been found in Netis Netcore Router. This affects an unknown part. The manipulation leads to use of hard-coded password. The CWE definition for the vulnerability is CWE-259. The weakness was presented 01/07/2023 as cpai-2018-0721. The advisory is shared at advisories.checkpoint.com. This vulnerability is uniquely identified as CVE-2018-25069. It is possible to initiate the attack remotely. There are no technical details available. There is no exploit available. The price for an exploit might be around USD $0-$5k at the moment. MITRE ATT&CK project uses the attack technique T1078.001 for this issue. It is declared as not defined. We expect the 0-day to have been worth approximately $0-$5k. It is recommended to apply restrictive firewalling. A possible mitigation has been published before and not just after the disclosure of the vulnerability.

Field	01/07/2023 09:45	01/29/2023 15:34	01/29/2023 15:40
url	https://advisories.checkpoint.com/advisory/cpai-2018-0721/	https://advisories.checkpoint.com/advisory/cpai-2018-0721/	https://advisories.checkpoint.com/advisory/cpai-2018-0721/
name	Firewall	Firewall	Firewall
cve	CVE-2018-25069	CVE-2018-25069	CVE-2018-25069
responsible	VulDB	VulDB	VulDB
date	1673046000 (01/07/2023)	1673046000 (01/07/2023)	1673046000 (01/07/2023)
type	Router Operating System	Router Operating System	Router Operating System
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	L	L	L
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	P	P	P
cvss2_vuldb_ai	P	P	P
cvss2_vuldb_rc	UR	UR	UR
cvss2_vuldb_rl	W	W	W
cvss2_vuldb_e	ND	ND	ND
cvss3_vuldb_e	X	X	X
cvss2_vuldb_basescore	7.5	7.5	7.5
cvss2_vuldb_tempscore	6.8	6.8	6.8
cvss3_vuldb_basescore	7.3	7.3	7.3
cvss3_vuldb_tempscore	6.8	6.8	6.8
cvss3_meta_basescore	7.3	7.3	8.1
cvss3_meta_tempscore	6.8	6.8	8.0
price_0day	$0-$5k	$0-$5k	$0-$5k
vendor	Netis	Netis	Netis
name	Netcore Router	Netcore Router	Netcore Router
cwe	259 (hard-coded password)	259 (hard-coded password)	259 (hard-coded password)
risk	2	2	2
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	L	L	L
cvss3_vuldb_a	L	L	L
cvss3_vuldb_rl	W	W	W
cvss3_vuldb_rc	R	R	R
identifier	cpai-2018-0721	cpai-2018-0721	cpai-2018-0721
cve_assigned		1673046000 (01/07/2023)	1673046000 (01/07/2023)
cve_nvd_summary		A vulnerability classified as critical has been found in Netis Netcore Router. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The identifier VDB-217593 was assigned to this vulnerability.	A vulnerability classified as critical has been found in Netis Netcore Router. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The identifier VDB-217593 was assigned to this vulnerability.
cvss3_nvd_av			N
cvss3_nvd_ac			L
cvss3_nvd_pr			N
cvss3_nvd_ui			N
cvss3_nvd_s			U
cvss3_nvd_c			H
cvss3_nvd_i			H
cvss3_nvd_a			H
cvss2_nvd_av			N
cvss2_nvd_ac			L
cvss2_nvd_au			N
cvss2_nvd_ci			P
cvss2_nvd_ii			P
cvss2_nvd_ai			P
cvss3_cna_av			N
cvss3_cna_ac			L
cvss3_cna_pr			N
cvss3_cna_ui			N
cvss3_cna_s			U
cvss3_cna_c			L
cvss3_cna_i			L
cvss3_cna_a			L
cve_cna			VulDB
cvss2_nvd_basescore			7.5
cvss3_nvd_basescore			9.8
cvss3_cna_basescore			7.3

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!