CVE-2017-9385

Опубликовано: 17 июн. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered on Vera Veralite 1.7.481 devices. The device has an additional OpenWRT interface in addition to the standard web interface which allows the highest privileges a user can obtain on the device. This web interface uses root as the username and the password in the /etc/cmh/cmh.conf file which can be extracted by an attacker using a directory traversal attack, and then log in to the device with the highest privileges.

Ссылки

http://packetstormsecurity.com/files/153242/Veralite-Veraedge-Router-XSS-Command-Injection-CSRF-Traversal.html
Third Party Advisory
VDB Entry
https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Vera_sec_issues.pdf
Exploit
Third Party Advisory
https://seclists.org/bugtraq/2019/Jun/8
Mailing List
Third Party Advisory
http://packetstormsecurity.com/files/153242/Veralite-Veraedge-Router-XSS-Command-Injection-CSRF-Traversal.html
Third Party Advisory
VDB Entry
https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Vera_sec_issues.pdf
Exploit
Third Party Advisory
https://seclists.org/bugtraq/2019/Jun/8
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:getvera:veraedge_firmware:*:*:*:*:*:*:*:*

Версия до 1.7.19 (включая)

cpe:2.3:h:getvera:veraedge:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:getvera:veralite_firmware:*:*:*:*:*:*:*:*

Версия до 1.7.481 (включая)

cpe:2.3:h:getvera:veralite:-:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00858

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-jpp8-9286-h8x5