CVE-2018-25144
8.7
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Source: disclosure@vulncheck.com (Secondary)
Description
Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests.
Affected (15)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.0 build1098 |
| Running on/with | Platform Versions |
|---|---|
| Microhardcorp Ipn4g | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.2.0 build2160 |
| Running on/with | Platform Versions |
|---|---|
| Microhardcorp Ipn3gb | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.6 build1184-14 |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.0 rev2_build1090-2 |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.0 rev2_build1086 |
| Running on/with | Platform Versions |
|---|---|
| Microhardcorp Ipn4gb | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.0 reva_build1032 |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.6 build_1204 |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.6 rev3_build1184-14 |
| Running on/with | Platform Versions |
|---|---|
| Microhardcorp Vip4gb | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.6 rev2_build1196 |
| Running on/with | Platform Versions |
|---|---|
| Microhardcorp Vip4gb Wifi N | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.0 build1076 |
| Running on/with | Platform Versions |
|---|---|
| Microhardcorp Bullet 3g | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.0 build1078 |
| Running on/with | Platform Versions |
|---|---|
| Microhardcorp Bullet Lte | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.0 build1076 |
| Running on/with | Platform Versions |
|---|---|
| Microhardcorp Ipn3gii | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.2.0 build1078 |
| Running on/with | Platform Versions |
|---|---|
| Microhardcorp Ipn4gii | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.3.0 build1036 |
| Running on/with | Platform Versions |
|---|---|
| Microhardcorp Bulletplus | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.1.0 build1036 |
| Running on/with | Platform Versions |
|---|---|
| Microhardcorp Dragon Lte | All versions |
References (4)
Source: disclosure@vulncheck.com
Exploit, Third Party Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit, Third Party Advisory
Timeline
No history available yet.