Lucene search

[email protected]CVE-2002-1968

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-1968

2022-10-0316:23:48

[email protected]

web.nvd.nist.gov

com21

doxport

cable modem

firmware

security vulnerability

tftp

local users

configuration modification

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before 2.1.1.108.003, downloads a DOCSIS configuration file from a TFTP server running on the internal network, which allows local users to modify configuration of the modem via a malicious TFTP server.

Affected configurations

NVD

Node

com21doxport_1100Match2.1.1.106

CPENameOperatorVersion
com21:doxport_1100com21 doxport 1100eq2.1.1.106

CPE	Name	Operator	Version
com21:doxport_1100	com21 doxport 1100	eq	2.1.1.106

References

archives.neohapsis.com/archives/bugtraq/2002-12/0017.html

securitytracker.com/id?1005524

www.iss.net/security_center/static/10543.php

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2002-1968

nvd1 cvelist1