CVE-2017-17867

Published: Jan 4, 2018Modified: Nov 21, 2024

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. This issue existed because the /etc/uci-defaults directory was not being used to secure the OpenWrt configuration.

Affected (2)

Products: Intenogroup: Iopsys

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Intenogroup Iopsys	From 2.0 to 3.14
Intenogroup Iopsys	Version 4.0

Related CWEs

Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (6)

http://public.inteno.se/?p=feed-inteno-openwrt.git%3Ba=commit%3Bh=efcc985a721107e72a66da4db66891ec54441998

Source: cve@mitre.org

https://neonsea.uk/blog/2017/12/23/rce-inteno-iopsys.html

Source: cve@mitre.org

ExploitTechnical DescriptionThird Party Advisory

https://www.exploit-db.com/exploits/43428/

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://public.inteno.se/?p=feed-inteno-openwrt.git%3Ba=commit%3Bh=efcc985a721107e72a66da4db66891ec54441998

Source: af854a3a-2127-422b-91ae-364da2661108

https://neonsea.uk/blog/2017/12/23/rce-inteno-iopsys.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitTechnical DescriptionThird Party Advisory

https://www.exploit-db.com/exploits/43428/

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

Timeline

No history available yet.