CVE-2019-6005
published 2019-09-12CVE-2019-6005: Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's…
PriorityP262critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.12%
79.6th percentile
Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/TCP.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kddi | smart_tv_box_firmware | < 1300 | 1300 |
| smart_tv_box | firmware_version_prior_to_1300 | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL NETBIOS DCERPC IrotIsRunning attempt
suricata·2010-09-23
CVE-2002-1561 GPL NETBIOS DCERPC IrotIsRunning attempt
GPL NETBIOS DCERPC IrotIsRunning attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 135 (msg:"GPL NETBIOS DCERPC IrotIsRunning attempt"; flow:established,to_server; flowbits:isset,smb.tree.bind.irot; content:"|05|"; byte_test:1,!&,16,3,relative; content:"|00|"; within:1; distance:1; content:"|00 02|"; within:2; distance:19; byte_test:4,>,128,0,relative; reference:bugtraq,6005; reference:cve,2002-1561; reference:url,www.microsoft.com/technet/security/bulletin/MS03-010.mspx; classtype:protocol-command-decode; sid:2103238; rev:4; metadata:created_at 2010_09_23, cve CVE_2002_1561, signature_severity Informational, updated_at 2019_07_26;)
Suricata
GPL NETBIOS DCERPC IrotIsRunning little endian attempt
suricata·2010-09-23
CVE-2002-1561 GPL NETBIOS DCERPC IrotIsRunning little endian attempt
GPL NETBIOS DCERPC IrotIsRunning little endian attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 135 (msg:"GPL NETBIOS DCERPC IrotIsRunning little endian attempt"; flow:established,to_server; flowbits:isset,smb.tree.bind.irot; content:"|05|"; byte_test:1,&,16,3,relative; content:"|00|"; within:1; distance:1; content:"|02 00|"; within:2; distance:19; byte_test:4,>,128,0,little,relative; reference:bugtraq,6005; reference:cve,2002-1561; reference:url,www.microsoft.com/technet/security/bulletin/MS03-010.mspx; classtype:protocol-command-decode; sid:2103239; rev:4; metadata:created_at 2010_09_23, cve CVE_2002_1561, signature_severity Informational, updated_at 2019_07_26;)
No public exploits indexed.
No writeups or analysis indexed.
2019-09-12
Published