Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2017-14000
HistoryOct 05, 2017 - 1:29 a.m.

CVE-2017-14000

2017-10-0501:29:05
CWE-287
[email protected]
web.nvd.nist.gov
25
ctek
skyrouter
4200
4400
improper authentication
cve-2017-14000
security vulnerability
web server

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.6%

JSON

An Improper Authentication issue was discovered in Ctek SkyRouter Series 4200 and 4400, all versions prior to V6.00.11. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the application without authenticating.

Affected configurations

NVD
Node
ctekproductsskyrouter_z4200_firmwareRange6.00.05
AND
ctekproductsskyrouter_z4200Match-
Node
ctekproductsskyrouter_z4400_firmwareRange6.00.05
AND
ctekproductsskyrouter_z4400Match-

CNA Affected

[
  {
    "product": "Ctek, Inc. SkyRouter",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Ctek, Inc. SkyRouter"
      }
    ]
  }
]

Related

prion 1
ics 1
cvelist 1
nvd 1
prion
prion
Authentication flaw
2017-10-05 01:29:00
ics
ics
Ctek, Inc. SkyRouter
2017-09-21 12:00:00
cvelist
cvelist
CVE-2017-14000
2017-10-04 07:00:00
nvd
nvd
CVE-2017-14000
2017-10-05 01:29:05

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.6%

JSON
Related for CVE-2017-14000
prion1ics1cvelist1nvd1