CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-14000

An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the application without authenticating.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 76.6%

CVSS Severity

CVSS v3 Score 9.4

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/100953
https://ics-cert.us-cert.gov/advisories/ICSA-17-264-02
http://www.securityfocus.com/bid/100953
https://ics-cert.us-cert.gov/advisories/ICSA-17-264-02

Products affected by CVE-2017-14000

Ctekproducts » Skyrouter Z4200 » Version: N/A

cpe:2.3:h:ctekproducts:skyrouter_z4200:-
Ctekproducts » Skyrouter Z4400 » Version: N/A

cpe:2.3:h:ctekproducts:skyrouter_z4400:-
Ctekproducts » Skyrouter Z4200 Firmware » Version: 6.00.05

cpe:2.3:o:ctekproducts:skyrouter_z4200_firmware:6.00.05
Ctekproducts » Skyrouter Z4400 Firmware » Version: 6.00.05

cpe:2.3:o:ctekproducts:skyrouter_z4400_firmware:6.00.05

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14000

Products

Pricing

Contact Us