Logo
Loginsoft Vulnerability Intelligence

Vulnerability Details

CVE-2016-10372

Improper protocol access control vulnerability in Eir D1000 modem leads to execute arbitrary commands via TCP port 7547

NVD Published
2017-05-16
NVD Updated
2017-12-19

EPSS

0.97442

CVE Age

2834 Days

CVE Description

The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password (which defaults to the Wi-Fi password), and using the NewNTPServer feature.

Affected Platforms

Linux

Analysis

Threat Score

99/100

Very High Priority

Should be patched in less than 2 days

Known for

Emerging
Pre NVD

Tags

Abused by APT Groups - Historical
Exploited in wild - Actively
CVSS Score between 9 to 10
Abused by Ransomware - Historical
Abused by Trojan - Historical
Abused by Cryptominers - Historical
Abused by other malware - Historical
Exploit available in Public
Remotely Exploitable
Exploit Integrated in Red-Teaming Tools
Number of CPEs Vendors greater than 5
lock-keyhole

Visible to members only.

Login to view.

CVSS V4 BASE SCORE
NA
CVSS V3 BASE SCORE
NA
CVSS V3 VECTOR
NA
CVSS V2 BASE SCORE
10.0
CVSS V2 VECTOR
AV:N/AC:L/Au:N/C:C/I:C/A:C
Aliases
UNKNOWN
CAPEC
CVEs Linked
TTPs
NA

Vulnerability Details

CVE-2016-10372

Improper protocol access control vulnerability in Eir D1000 modem leads to execute arbitrary commands via TCP port 7547

NVD Published
2017-05-16
NVD Updated
2017-12-19

EPSS

0.97442

CVE Age

2834 Days

CVE Description

The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password (which defaults to the Wi-Fi password), and using the NewNTPServer feature.

Affected Platforms

Linux

Analysis

Threat Score

99/100

Very High Priority

Should be patched in less than 2 days

Known for

Emerging
Pre NVD

Tags

Abused by APT Groups - Historical
Exploited in wild - Actively
CVSS Score between 9 to 10
Abused by Ransomware - Historical
Abused by Trojan - Historical
Abused by Cryptominers - Historical
Abused by other malware - Historical
Exploit available in Public
Remotely Exploitable
Exploit Integrated in Red-Teaming Tools
Number of CPEs Vendors greater than 5
lock-keyhole

Visible to members only.

Login to view.

CVSS V4 BASE SCORE
NA
CVSS V3 BASE SCORE
NA
CVSS V3 VECTOR
NA
CVSS V2 BASE SCORE
10.0
CVSS V2 VECTOR
AV:N/AC:L/Au:N/C:C/I:C/A:C
Aliases
UNKNOWN
CAPEC
CVEs Linked
TTPs
NA