CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-19967

The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH devices accepts a cleartext password in a POST request on port 80, as demonstrated by the Password field to the xml/setter.xml URI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 36.1%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/filipi86/ConnectBoxDOCSIS-3.0
https://github.com/filipi86/ConnectBoxDOCSIS-3.0

Products affected by CVE-2019-19967

Upc » Connect Box Eurodocsis » Version: 3.0

cpe:2.3:h:upc:connect_box_eurodocsis:3.0
Upc » Connect Box Eurodocsis Firmware » Version: ch7465lg-ncip-6.12.18.25-2p6-nosh

cpe:2.3:o:upc:connect_box_eurodocsis_firmware:ch7465lg-ncip-6.12.18.25-2p6-nosh

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19967

Products

Pricing

Contact Us