Trusted Design

• 重大度: Unknown
• 公開日: 2018-07-13
• 更新日: 2024-08-06

概要

Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication. An unauthenticated user may send an HTTP GET request to http://[ip]/com/gatewayreset or http://[ip]/cgi/reboot.bin to cause the modem to reboot.

このCVEに関連するMITRE ATT&CKテクニック

• T1602 - Data from Configuration Repository
• T1588.007 - Artificial Intelligence
• T1003.002 - Security Account Manager
• T1583.002 - DNS Server
• T1192 - Spearphishing Link
• T1484.002 - Trust Modification
• T1598.003 - Spearphishing Link
• T1583.005 - Botnet
• T1040 - Network Sniffing
• T1071 - Application Layer Protocol
• T1608.001 - Upload Malware
• T1070.008 - Clear Mailbox Data
• T1016.002 - Wi-Fi Discovery
• T1525 - Implant Internal Image
• T1547.005 - Security Support Provider
• T1181 - Extra Window Memory Injection
• T1562.004 - Disable or Modify System Firewall
• T1555.003 - Credentials from Web Browsers
• T1563 - Remote Service Session Hijacking
• T1585.002 - Email Accounts
• T1598.004 - Spearphishing Voice
• T1055.013 - Process Doppelgänging
• T1546.008 - Accessibility Features
• T1550.003 - Pass the Ticket
• T1647 - Plist File Modification
• T1586 - Compromise Accounts
• T1218.005 - Mshta
• T1608.005 - Link Target
• T1534 - Internal Spearphishing
• T1219.003 - Remote Access Hardware
• T1078 - Valid Accounts
• T1055.012 - Process Hollowing
• T1110.004 - Credential Stuffing
• T1187 - Forced Authentication
• T1486 - Data Encrypted for Impact
• T1184 - SSH Hijacking
• T1499 - Endpoint Denial of Service
• T1591.004 - Identify Roles
• T1543.001 - Launch Agent
• T1223 - Compiled HTML File
• T1498 - Network Denial of Service
• T1159 - Launch Agent
• T1550.002 - Pass the Hash
• T1055.008 - Ptrace System Calls
• T1653 - Power Settings
• T1204.001 - Malicious Link
• T1529 - System Shutdown/Reboot

このCVEが関連しているPulses

• Vulnerability Note VU#614751 - Hughes satellite modems contain multiple vulnerabilities

CVEの関係性グラフ

---

← CVE一覧に戻る