OpenCVE

Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15 US_AC15V1.0BR_V15.03.05.18_multi_TD01, Ac15 US_AC15V1.0BR_V15.03.05.19_multi_TD01, Ac18 US_AC18V1.0BR_V15.03.05.05_multi_TD01, and Ac18 ac18_kf_V15.03.05.19(6318_)_cn devices allows remote unauthenticated attackers to read arbitrary files via a cgi-bin/luci/request?op=1&path= URI that uses directory traversal sequences after a /usb/ substring.

No CVSS v4.0

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:A/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Tenda	Ac15 Ac15 Firmware Ac18 Ac18 Firmware Ac9 Ac9 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:tenda:ac9_firmware:us_ac9v1.0br_v15.03.05.14_multi_td01:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac9:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:tenda:ac9_firmware:ac9_kf_v15.03.05.19\(6318_\)_cn:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac9:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:tenda:ac15_firmware:us_ac15v1.0br_v15.03.05.18_multi_td01:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac15:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:tenda:ac15_firmware:us_ac15v1.0br_v15.03.05.19_multi_td01:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac15:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:tenda:ac18_firmware:us_ac18v1.0br_v15.03.05.05_multi_td01:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:tenda:ac18_firmware:ac18_kf_v15.03.05.19\(6318_\)_cn:*:*:*:*:*:*:*

cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/Iolop/Poc/tree/master/Router/Tenda

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-11-24T07:00:00

Updated: 2024-08-05T20:43:59.320Z

Reserved: 2017-11-24T00:00:00

Link: CVE-2017-16936

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2017-11-24T07:29:00.350

Modified: 2017-12-12T16:04:56.777

Link: CVE-2017-16936

Redhat

No data.

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object