CVE-2019-17224 - OpenCVE

The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of the product, there is a 404 error. If a file does not exist, there is a 302 redirect to index.html.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Compal	Ch7465lg Ch7465lg Firmware

Configuration 1 [-]

AND

cpe:2.3:o:compal:ch7465lg_firmware:ch7465lg-ncip-6.12.18.25-2p6-nosh:*:*:*:*:*:*:*

cpe:2.3:h:compal:ch7465lg:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://vulnerabilities.home.blog/2019/10/27/again-a-vunerability-in-cable-router-ch7465lg-cve-2019-17224/
https://www.search-lab.hu/media/Compal_CH7465LG_Evaluation_Report_1.1.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-10-28T14:31:30

Updated: 2024-08-05T01:33:17.301Z

Reserved: 2019-10-06T00:00:00

Link: CVE-2019-17224

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-10-28T15:15:14.240

Modified: 2019-11-05T14:43:56.133

Link: CVE-2019-17224

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of the product, there is a 404 error. If a file does not exist, there is a 302 redirect to index.html."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-10-28T14:31:30", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.search-lab.hu/media/Compal_CH7465LG_Evaluation_Report_1.1.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://vulnerabilities.home.blog/2019/10/27/again-a-vunerability-in-cable-router-ch7465lg-cve-2019-17224/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-17224", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of the product, there is a 404 error. If a file does not exist, there is a 302 redirect to index.html."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.search-lab.hu/media/Compal_CH7465LG_Evaluation_Report_1.1.pdf", "refsource": "MISC", "url": "https://www.search-lab.hu/media/Compal_CH7465LG_Evaluation_Report_1.1.pdf"}, {"name": "https://vulnerabilities.home.blog/2019/10/27/again-a-vunerability-in-cable-router-ch7465lg-cve-2019-17224/", "refsource": "MISC", "url": "https://vulnerabilities.home.blog/2019/10/27/again-a-vunerability-in-cable-router-ch7465lg-cve-2019-17224/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T01:33:17.301Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.search-lab.hu/media/Compal_CH7465LG_Evaluation_Report_1.1.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://vulnerabilities.home.blog/2019/10/27/again-a-vunerability-in-cable-router-ch7465lg-cve-2019-17224/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-17224", "datePublished": "2019-10-28T14:31:30", "dateReserved": "2019-10-06T00:00:00", "dateUpdated": "2024-08-05T01:33:17.301Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:compal:ch7465lg_firmware:ch7465lg-ncip-6.12.18.25-2p6-nosh:*:*:*:*:*:*:*", "matchCriteriaId": "BF5A6C49-BAE4-4EFF-82EA-39C765E44A3B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:compal:ch7465lg:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1C81061-C74C-42DF-BA8F-6B2AD9C0A3C5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of the product, there is a 404 error. If a file does not exist, there is a 302 redirect to index.html."}, {"lang": "es", "value": "La interfaz web del m\u00f3dem Compal Broadband CH7465LG (versi\u00f3n CH7465LG-NCIP-6.12.18.25-2p6-NOSH) es vulnerable a un ataque de salto de ruta (path) de /%2f/, que puede ser explotado para comprobar la existencia de un nombre de ruta de archivo fuera del directorio root web. Si un archivo existe pero no es parte del producto, se presenta un error 404. Si no existe un archivo, se presenta un redireccionamiento 302 hacia el archivo index.html."}], "id": "CVE-2019-17224", "lastModified": "2019-11-05T14:43:56.133", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-28T15:15:14.240", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://vulnerabilities.home.blog/2019/10/27/again-a-vunerability-in-cable-router-ch7465lg-cve-2019-17224/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.search-lab.hu/media/Compal_CH7465LG_Evaluation_Report_1.1.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}