CVE-2019-13474
Summary
| CVE | CVE-2019-13474 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-09-16 12:15:00 UTC |
| Updated | 2023-09-05 17:15:00 UTC |
| Description | TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have insufficient access control for the /set_dname, /mylogo, /LocalPlay, /irdevice.xml, /Sendkey, /setvol, /hotkeylist, /init, /playlogo.jpg, /stop, /exit, /back, and /playinfo commands. |
Risk And Classification
Problem Types: CWE-798
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Telestar | Bobs Rock Radio | - | All | All | All |
| Hardware | Telestar | Bobs Rock Radio | - | All | All | All |
| Operating System | Telestar | Bobs Rock Radio Firmware | - | All | All | All |
| Operating System | Telestar | Bobs Rock Radio Firmware | - | All | All | All |
| Hardware | Telestar | Dabman D10 | - | All | All | All |
| Hardware | Telestar | Dabman D10 | - | All | All | All |
| Operating System | Telestar | Dabman D10 Firmware | - | All | All | All |
| Operating System | Telestar | Dabman D10 Firmware | - | All | All | All |
| Hardware | Telestar | Dabman I30 Stereo | - | All | All | All |
| Hardware | Telestar | Dabman I30 Stereo | - | All | All | All |
| Operating System | Telestar | Dabman I30 Stereo Firmware | - | All | All | All |
| Operating System | Telestar | Dabman I30 Stereo Firmware | - | All | All | All |
| Hardware | Telestar | Imperial I110 | - | All | All | All |
| Hardware | Telestar | Imperial I110 | - | All | All | All |
| Operating System | Telestar | Imperial I110 Firmware | - | All | All | All |
| Operating System | Telestar | Imperial I110 Firmware | - | All | All | All |
| Hardware | Telestar | Imperial I150 | - | All | All | All |
| Hardware | Telestar | Imperial I150 | - | All | All | All |
| Operating System | Telestar | Imperial I150 Firmware | - | All | All | All |
| Operating System | Telestar | Imperial I150 Firmware | - | All | All | All |
| Hardware | Telestar | Imperial I200 | - | All | All | All |
| Hardware | Telestar | Imperial I200 | - | All | All | All |
| Hardware | Telestar | Imperial I200-cd | - | All | All | All |
| Hardware | Telestar | Imperial I200-cd | - | All | All | All |
| Operating System | Telestar | Imperial I200-cd Firmware | - | All | All | All |
| Operating System | Telestar | Imperial I200-cd Firmware | - | All | All | All |
| Operating System | Telestar | Imperial I200 Firmware | - | All | All | All |
| Operating System | Telestar | Imperial I200 Firmware | - | All | All | All |
| Hardware | Telestar | Imperial I400 | - | All | All | All |
| Hardware | Telestar | Imperial I400 | - | All | All | All |
| Operating System | Telestar | Imperial I400 Firmware | - | All | All | All |
| Operating System | Telestar | Imperial I400 Firmware | - | All | All | All |
| Hardware | Telestar | Imperial I450 | - | All | All | All |
| Hardware | Telestar | Imperial I450 | - | All | All | All |
| Operating System | Telestar | Imperial I450 Firmware | - | All | All | All |
| Operating System | Telestar | Imperial I450 Firmware | - | All | All | All |
| Hardware | Telestar | Imperial I500-bt | - | All | All | All |
| Hardware | Telestar | Imperial I500-bt | - | All | All | All |
| Operating System | Telestar | Imperial I500-bt Firmware | - | All | All | All |
| Operating System | Telestar | Imperial I500-bt Firmware | - | All | All | All |
| Hardware | Telestar | Imperial I600 | - | All | All | All |
| Hardware | Telestar | Imperial I600 | - | All | All | All |
| Operating System | Telestar | Imperial I600 Firmware | - | All | All | All |
| Operating System | Telestar | Imperial I600 Firmware | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Dabman & Imerpial - HTML AutoPwner | MISC | www.vulnerability-lab.com | Exploit, Third Party Advisory |
| Internet Radio auna IR-160 SE UIProto DoS / XSS / Missing Authentication ≈ Packet Storm | MISC | packetstormsecurity.com | |
| Full Disclosure: Vulnerabilities in Internet Radio auna IR-160 SE (UIProto) | FULLDISC | seclists.org | |
| Full Disclosure: Dabman & Imperial (i&d) Web Radio Devices - Undocumented Telnet Backdoor & Command Execution Vulnerability | MISC | seclists.org | Mailing List, Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.