Vulnerabilities > CVE-2017-9385 - Credentials Management vulnerability in Getvera Veraedge Firmware and Veralite Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An issue was discovered on Vera Veralite 1.7.481 devices. The device has an additional OpenWRT interface in addition to the standard web interface which allows the highest privileges a user can obtain on the device. This web interface uses root as the username and the password in the /etc/cmh/cmh.conf file which can be extracted by an attacker using a directory traversal attack, and then log in to the device with the highest privileges.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 | |
Hardware | 2 |
Common Weakness Enumeration (CWE)
References
- http://packetstormsecurity.com/files/153242/Veralite-Veraedge-Router-XSS-Command-Injection-CSRF-Traversal.html
- http://packetstormsecurity.com/files/153242/Veralite-Veraedge-Router-XSS-Command-Injection-CSRF-Traversal.html
- https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Vera_sec_issues.pdf
- https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Vera_sec_issues.pdf
- https://seclists.org/bugtraq/2019/Jun/8
- https://seclists.org/bugtraq/2019/Jun/8