Vulnerability CVE-2017-7240

Vulnerability CVE-2017-7240

Published: 2017-03-24

Description:

An issue was discovered on Miele Professional PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens to port 80 and is prone to a directory traversal attack; therefore, an unauthenticated attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks. A Proof of Concept is GET /../../../../../../../../../../../../etc/shadow HTTP/1.1. This affects PG8527 devices 2.02 before 2.12, PG8527 devices 2.51 before 2.61, PG8527 devices 2.52 before 2.62, PG8527 devices 2.54 before 2.64, PG8528 devices 2.02 before 2.12, PG8528 devices 2.51 before 2.61, PG8528 devices 2.52 before 2.62, PG8528 devices 2.54 before 2.64, PG8535 devices 1.00 before 1.10, PG8535 devices 1.04 before 1.14, PG8536 devices 1.10 before 1.20, and PG8536 devices 1.14 before 1.24.

See advisories in our WLB2 database:

	Topic	Author	Date
Med.	Miele Professional PG 8528 Directory Traversal	Jens Regel	25.03.2017

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	None	None

Affected software
Miele professional -> Pst10 webserver

References:

http://seclists.org/fulldisclosure/2017/Mar/63

http://www.securityfocus.com/bid/97080

https://ics-cert.us-cert.gov/advisories/ICSA-17-138-01

https://www.miele.de/en/m/miele-admits-communication-glitch-4072.htm

Copyright 2024, cxsecurity.com