{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T10:13:07.864","vulnerabilities":[{"cve":{"id":"CVE-2019-13402","sourceIdentifier":"cve@mitre.org","published":"2019-07-08T01:15:10.170","lastModified":"2024-11-21T04:24:52.310","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"/usr/sbin/default.sh and /usr/apache/htdocs/cgi-bin/admin/hardfactorydefault.cgi on Dynacolor FCM-MB40 v1.2.0.0 devices implement an incomplete factory-reset process. A backdoor can persist because neither system accounts nor the set of services is reset."},{"lang":"es","value":"Los archivos /usr/sbin/default.sh y /usr/apache/htdocs/cgi-bin/admin/hardfactorydefault.cgi en dispositivos FCM-MB40 versión v1.2.0.0 de Dynacolor, implementan un proceso de restablecimiento de fábrica incompleto. Un puerta trasera (backdoor) puede persistir porque no se restablecen ni las cuentas del sistema ni el conjunto de servicios."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-212"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fcm-mb40_firmware:1.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"FD32412A-0BB3-4940-A60B-A2C6234BA1C3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fortinet:fcm-mb40:-:*:*:*:*:*:*:*","matchCriteriaId":"D7BD30B6-165C-4E93-A16A-8F73D938C782"}]}]}],"references":[{"url":"https://xor.cat/2019/06/19/fortinet-forticam-vulns/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://xor.cat/2019/06/19/fortinet-forticam-vulns/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}