CVE-2019-11321

{"id": "CVE-2019-11321", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2019-04-18T17:29:01.117", "references": [{"url": "https://github.com/TeamSeri0us/pocs/blob/master/iot/motorola.pdf", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices."}, {"lang": "es", "value": "Fue encontrado un problema en Motorola versi\u00f3n CX2 1.01 y versi\u00f3n M2 1.01. El enrutador abre el puerto TCP 8010. Los usuarios pueden enviar solicitudes hnap a este puerto sin identificaci\u00f3n para obtener informaci\u00f3n como las direcciones MAC de los dispositivos conectados de los clientes."}], "lastModified": "2020-08-24T17:37:01.140", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:motorola:cx2_firmware:1.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF718B80-C96A-4B0B-B364-A89034D98673"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:motorola:cx2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E1EE290B-A77C-464F-AC0D-24A5A42D6EC5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:motorola:m2_firmware:1.01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90D65B9F-52E4-4BD1-997C-69BA66E2BD52"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:motorola:m2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "97CFCECE-3099-4852-8AA1-AADA2D148B19"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}