ID

VAR-201906-0838


CVE

CVE-2017-9382


TITLE

Path traversal vulnerability in Vera VeraEdge and Veralite devices

Trust: 0.8

sources: JVNDB: JVNDB-2017-014521

DESCRIPTION

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the URL "/port_3480". It seems that the UPnP services provide "file" as one of the service actions, which lets a normal user read a file that is stored under the /etc/cmh-lu folder. The action retrieves the value from the "parameters" query string variable and passes it to an internal function, "FileUtils::ReadFileIntoBuffer", a library function that does not perform any sanitization on the submitted value. This allows an attacker to use the directory traversal characters "../" to read files from other folders within the device. Vera VeraEdge and Veralite devices contain a path traversal vulnerability. Information may be obtained. FileUtils is an open source file management tool. A security vulnerability exists in Vera VeraEdge version 1.7.19 and Veralite version 1.7.481. The vulnerability is caused by the program not filtering the value submitted by the user. An attacker can use the directory traversal character '../' to exploit this vulnerability to read the contents of other files.

Trust: 1.8

sources: NVD: CVE-2017-9382 // JVNDB: JVNDB-2017-014521 // VULHUB: VHN-117585 // VULMON: CVE-2017-9382

AFFECTED PRODUCTS

vendor: getvera, model: veralite, scope: lte, version: 1.7.481

Trust: 1.0

vendor: getvera, model: veraedge, scope: lte, version: 1.7.19

Trust: 1.0

vendor: vera control, model: veraedge, scope: eq, version: 1.7.19

Trust: 0.8

vendor: vera control, model: veralite, scope: eq, version: 1.7.481

Trust: 0.8

sources: JVNDB: JVNDB-2017-014521 // NVD: CVE-2017-9382

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-9382
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-9382
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201706-169
value: MEDIUM

Trust: 0.6

VULHUB: VHN-117585
value: MEDIUM

Trust: 0.1

VULMON: CVE-2017-9382
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-9382
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-117585
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-9382
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-117585 // VULMON: CVE-2017-9382 // JVNDB: JVNDB-2017-014521 // CNNVD: CNNVD-201706-169 // NVD: CVE-2017-9382

PROBLEMTYPE DATA

problemtype: CWE-22

Trust: 1.9

sources: VULHUB: VHN-117585 // JVNDB: JVNDB-2017-014521 // NVD: CVE-2017-9382

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201706-169

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201706-169

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-014521

PATCH

title: VeraEdge, url: https://getvera.com/controllers/veraedge/

Trust: 0.8

title: VeraLite, url: https://getvera.com/controllers/veralite/

Trust: 0.8

title: IoT_vulnerabilities, url: https://github.com/ethanhunnt/IoT_vulnerabilities

Trust: 0.1

sources: VULMON: CVE-2017-9382 // JVNDB: JVNDB-2017-014521

EXTERNAL IDS

db: NVD, id: CVE-2017-9382

Trust: 2.7

db: PACKETSTORM, id: 153242

Trust: 1.9

db: JVNDB, id: JVNDB-2017-014521

Trust: 0.8

db: CNNVD, id: CNNVD-201706-169

Trust: 0.7

db: VULHUB, id: VHN-117585

Trust: 0.1

db: VULMON, id: CVE-2017-9382

Trust: 0.1

sources: VULHUB: VHN-117585 // VULMON: CVE-2017-9382 // JVNDB: JVNDB-2017-014521 // PACKETSTORM: 153242 // CNNVD: CNNVD-201706-169 // NVD: CVE-2017-9382

REFERENCES

url:https://github.com/ethanhunnt/iot_vulnerabilities/blob/master/vera_sec_issues.pdf

Trust: 2.6

url:https://seclists.org/bugtraq/2019/jun/8

Trust: 1.8

url:http://packetstormsecurity.com/files/153242/veralite-veraedge-router-xss-command-injection-csrf-traversal.html

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-9382

Trust: 1.5

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9382

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/22.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/ethanhunnt/iot_vulnerabilities

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-9381

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-9391

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-9389

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-9390

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-9388

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-9385

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-9386

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-9383

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-9387

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-9392

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-9384

Trust: 0.1

sources: VULHUB: VHN-117585 // VULMON: CVE-2017-9382 // JVNDB: JVNDB-2017-014521 // PACKETSTORM: 153242 // CNNVD: CNNVD-201706-169 // NVD: CVE-2017-9382

CREDITS

Mandar Satam

Trust: 0.1

sources: PACKETSTORM: 153242

SOURCES

db: VULHUB, id: VHN-117585
db: VULMON, id: CVE-2017-9382
db: JVNDB, id: JVNDB-2017-014521
db: PACKETSTORM, id: 153242
db: CNNVD, id: CNNVD-201706-169
db: NVD, id: CVE-2017-9382

LAST UPDATE DATE

2024-11-23T21:52:09.816000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-117585, date: 2019-06-20T00:00:00
db: VULMON, id: CVE-2017-9382, date: 2019-06-20T00:00:00
db: JVNDB, id: JVNDB-2017-014521, date: 2019-06-24T00:00:00
db: CNNVD, id: CNNVD-201706-169, date: 2019-06-21T00:00:00
db: NVD, id: CVE-2017-9382, date: 2024-11-21T03:35:58.473

SOURCES RELEASE DATE

db: VULHUB, id: VHN-117585, date: 2019-06-17T00:00:00
db: VULMON, id: CVE-2017-9382, date: 2019-06-17T00:00:00
db: JVNDB, id: JVNDB-2017-014521, date: 2019-06-24T00:00:00
db: PACKETSTORM, id: 153242, date: 2019-06-07T15:06:02
db: CNNVD, id: CNNVD-201706-169, date: 2017-06-07T00:00:00
db: NVD, id: CVE-2017-9382, date: 2019-06-17T20:15:09.180