CVE-2020-12504

Published: Oct 15, 2020Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.

Affected (29)

Products: Pepperl Fuchs: Es7510 Xt Firmware, Es8509 Xt Firmware, Es8510 Xt Firmware, Es9528 Xtv2 Firmware, Es7506 Firmware, Es7510 Firmware, Es7528 Firmware, Es8508 Firmware, Es8508f Firmware, Es8510 Firmware, Es8510 Xte Firmware, Es9528 Firmware, Es9528 Xt Firmware, Icrl M 8rj45/4sfp G Din Firmware, Icrl M 16rj45/4cp G Din Firmware · Korenix: Jetwave 2212s Firmware, Jetwave 2212g Firmware, Jetwave 2311 Firmware, Jetwave 3220 Firmware, Jetwave 3420 Firmware, Jetwave 2212x Firmware, Jetwave 5428g 20sfp Firmware, Jetwave 5810g Firmware, Jetwave 5310 Firmware, Jetwave 5010 Firmware, Jetwave 4706f Firmware, Jetwave 4706 Firmware, Jetwave 4510 Firmware · Westermo: Pmi 110 F2g Firmware

15 products

Icrl M 8rj45/4sfp G Din Firmware

Icrl M 16rj45/4cp G Din Firmware

Korenix

13 products

Jetwave 2212s Firmware

Jetwave 2212g Firmware

Jetwave 2311 Firmware

Jetwave 3220 Firmware

Jetwave 3420 Firmware

Jetwave 2212x Firmware

Jetwave 5428g 20sfp Firmware

Jetwave 5810g Firmware

Jetwave 5310 Firmware

Jetwave 5010 Firmware

Jetwave 4706f Firmware

Jetwave 4706 Firmware

Jetwave 4510 Firmware

Westermo

1 product

Pmi 110 F2g Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es7510 Xt Firmware	Before 2.1.1

Running on/with	Platform Versions
Pepperl Fuchs Es7510 Xt	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es8509 Xt Firmware	All versions

Running on/with	Platform Versions
Pepperl Fuchs Es8509 Xt	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es8510 Xt Firmware	All versions

Running on/with	Platform Versions
Pepperl Fuchs Es8510 Xt	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es9528 Xtv2 Firmware	All versions

Running on/with	Platform Versions
Pepperl Fuchs Es9528 Xtv2	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es7506 Firmware	All versions

Running on/with	Platform Versions
Pepperl Fuchs Es7506	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es7510 Firmware	All versions

Running on/with	Platform Versions
Pepperl Fuchs Es7510	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es7528 Firmware	All versions

Running on/with	Platform Versions
Pepperl Fuchs Es7528	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es8508 Firmware	All versions

Running on/with	Platform Versions
Pepperl Fuchs Es8508	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es8508f Firmware	All versions

Running on/with	Platform Versions
Pepperl Fuchs Es8508f	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es8510 Firmware	Before 3.1.1

Running on/with	Platform Versions
Pepperl Fuchs Es8510	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es8510 Xte Firmware	All versions

Running on/with	Platform Versions
Pepperl Fuchs Es8510 Xte	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es9528 Firmware	All versions

Running on/with	Platform Versions
Pepperl Fuchs Es9528	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Es9528 Xt Firmware	All versions

Running on/with	Platform Versions
Pepperl Fuchs Es9528 Xt	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Icrl M 8rj45/4sfp G Din Firmware	Up to 1.2.3

Running on/with	Platform Versions
Pepperl Fuchs Icrl M 8rj45/4sfp G Din	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Pepperl Fuchs Icrl M 16rj45/4cp G Din Firmware	Up to 1.2.3

Running on/with	Platform Versions
Pepperl Fuchs Icrl M 16rj45/4cp G Din	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 2212s Firmware	Version 1.5

Running on/with	Platform Versions
Korenix Jetwave 2212s	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 2212g Firmware	Version 1.4

Running on/with	Platform Versions
Korenix Jetwave 2212g	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 2311 Firmware	Version 1.2

Running on/with	Platform Versions
Korenix Jetwave 2311	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 3220 Firmware	Version 1.2

Running on/with	Platform Versions
Korenix Jetwave 3220	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 3420 Firmware	Version 1.1.3t

Running on/with	Platform Versions
Korenix Jetwave 3420	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 2212x Firmware	Version 1.5

Running on/with	Platform Versions
Korenix Jetwave 2212x	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 5428g 20sfp Firmware	Version 1.0

Running on/with	Platform Versions
Korenix Jetwave 5428g 20sfp	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 5810g Firmware	Version 1.1

Running on/with	Platform Versions
Korenix Jetwave 5810g	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 5310 Firmware	Version 1.5

Running on/with	Platform Versions
Korenix Jetwave 5310	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 5010 Firmware	Version 3.1a

Running on/with	Platform Versions
Korenix Jetwave 5010	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 4706f Firmware	Version 2.3b

Running on/with	Platform Versions
Korenix Jetwave 4706f	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 4706 Firmware	Version 2.3b

Running on/with	Platform Versions
Korenix Jetwave 4706	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Korenix Jetwave 4510 Firmware	Version 3.0b

Running on/with	Platform Versions
Korenix Jetwave 4510	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Westermo Pmi 110 F2g Firmware	Version 1.5

Running on/with	Platform Versions
Westermo Pmi 110 F2g	All versions

Related CWEs

CWE-912

Hidden Functionality

The product contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the product's users or administrators.

References (12)

http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html

Source: info@cert.vde.com

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html

Source: info@cert.vde.com

ExploitThird Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2021/Jun/0

Source: info@cert.vde.com

ExploitMailing ListThird Party Advisory

https://cert.vde.com/de-de/advisories/vde-2020-040

Source: info@cert.vde.com

Third Party Advisory

https://cert.vde.com/en-us/advisories/vde-2020-053

Source: info@cert.vde.com

Third Party Advisory

https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/

Source: info@cert.vde.com

ExploitThird Party Advisory

http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html