Vulnerability Details : CVE-2019-11321
An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router opens TCP port 8010. Users can send hnap requests to this port without authentication to obtain information such as the MAC addresses of connected client devices.
Products affected by CVE-2019-11321
- cpe:2.3:o:motorola:cx2_firmware:1.01:*:*:*:*:*:*:*
- cpe:2.3:o:motorola:m2_firmware:1.01:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-11321
0.13%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 46 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-11321
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
5.3
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
3.9
|
1.4
|
NIST |
CWE ids for CVE-2019-11321
-
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-11321
-
https://github.com/TeamSeri0us/pocs/blob/master/iot/motorola.pdf
Page not found · GitHub · GitHubExploit;Third Party Advisory
Jump to