Vulnerability CVE-2016-9494


Published: 2018-07-13

Description:
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device's advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service.

Type:

CWE-20

(Improper Input Validation)

CVSS2 => (AV:A/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
3.3/10
2.9/10
6.5/10
Exploit range
Attack complexity
Authentication
Adjacent network
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Hughes -> Dw7000 firmware 
Hughes -> Hn7000s firmware 
Hughes -> Hn7000sm firmware 
Hughes -> Hn7740s firmware 

 References:
https://www.kb.cert.org/vuls/id/614751
https://www.securityfocus.com/bid/96244

Copyright 2024, cxsecurity.com

 

Back to Top