PT-2019-10078 · Inteno · Inteno Iopsys

Rasmus Moorats · Published 2019-04-11 · Updated 2019-04-12 · CVE-2018-20487

CVSS v2.0: 9.0 (High) · Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Inteno IOPSYS versions 1.0 through 3.16

Description: An issue was discovered in the firewall3 component. An authenticated attacker makes a JSON-RPC method call that adds a firewall rule of type "include" whose path argument points to a malicious script or binary. When the firewall changes are committed, firewall3 executes that file as root, giving the attacker remote code execution on the device.

Recommendations: For Inteno IOPSYS versions 1.0 through 3.16, restrict access to the JSON-RPC method that adds firewall rules to trusted administrators until a patch is available. As a temporary workaround, do not use the path argument to point to external scripts or binaries; note that this only limits legitimate use and does not stop an attacker who can already call the method, so restricting access to the method is the effective mitigation.
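As an added example (it is not part of this advisory and not Inteno's or OpenWrt's code), the following Python script audits the firewall3 configuration for "include" sections whose path would be executed as root on the next commit or reload. It parses the text printed by `uci show firewall` on OpenWrt-based systems and flags every include whose path, after normalisation and symlink resolution, falls outside an allowlist. The allowlist (/etc/firewall.user and /etc/firewall.d/) and the sample `uci show` output are constructed assumptions for this example, not device defaults.

```python
"""Audit firewall3 'include' sections for untrusted script paths.

Added example: parses `uci show firewall` output and flags includes whose
path lies outside an allowlist. ALLOWED_INCLUDE_FILES / ALLOWED_INCLUDE_DIRS
are assumptions for this example, not an Inteno or OpenWrt setting.
"""
import os
import posixpath
import re
from dataclasses import dataclass, field

# Assumed policy: the only include scripts the device should run as root.
ALLOWED_INCLUDE_FILES = {"/etc/firewall.user"}
ALLOWED_INCLUDE_DIRS = ("/etc/firewall.d/",)

# Matches lines such as: firewall.@include[0].path='/etc/firewall.user'
_UCI_LINE = re.compile(r"^firewall\.(@include\[\d+\]|[\w-]+)(?:\.(\w+))?=(.*)$")


@dataclass
class Include:
    section: str
    options: dict = field(default_factory=dict)


def parse_includes(uci_show_output: str) -> list:
    """Return the include sections (anonymous or named) found in the output."""
    sections, order = {}, []
    for raw in uci_show_output.splitlines():
        m = _UCI_LINE.match(raw.strip())
        if not m:
            continue
        section, option, value = m.groups()
        value = value.strip("'")
        if option is None:
            if value == "include":  # section header, e.g. firewall.@include[0]=include
                sections[section] = Include(section)
                order.append(section)
        elif section in sections:
            sections[section].options[option] = value
    return [sections[s] for s in order]


def path_is_allowed(path: str) -> bool:
    """Pure policy check: absolute, '..'-free after normalisation, allowlisted."""
    if not path or not path.startswith("/"):
        return False
    norm = posixpath.normpath(path)  # collapses '.', '..' and duplicate slashes
    if norm in ALLOWED_INCLUDE_FILES:
        return True
    return any(norm.startswith(d) for d in ALLOWED_INCLUDE_DIRS)


def filesystem_is_safe(path: str) -> bool:
    """If the file exists, it must resolve (through symlinks) to an allowed
    location, be owned by root and not be writable by group or others."""
    if not os.path.lexists(path):
        return True  # nothing on disk to inspect yet
    real = os.path.realpath(path)
    if not path_is_allowed(real):
        return False
    st = os.stat(real)
    return st.st_uid == 0 and not (st.st_mode & 0o022)


def audit(uci_show_output: str) -> list:
    """Return (section, path, reason) for each include that would run an
    untrusted file as root on the next firewall commit/reload."""
    findings = []
    for inc in parse_includes(uci_show_output):
        path = inc.options.get("path", "")
        if not path_is_allowed(path):
            findings.append((inc.section, path, "path outside allowlist"))
        elif not filesystem_is_safe(path):
            findings.append((inc.section, path,
                             "file resolves outside allowlist or is not root-owned/0?22-free"))
    return findings


# Constructed sample of `uci show firewall` output after an attacker added
# an include pointing at a script they control (plus a '..' traversal variant).
SAMPLE_UCI_SHOW = """\
firewall.@defaults[0]=defaults
firewall.@defaults[0].input='ACCEPT'
firewall.@include[0]=include
firewall.@include[0].path='/etc/firewall.user'
firewall.@include[0].reload='1'
firewall.@include[1]=include
firewall.@include[1].path='/tmp/payload.sh'
firewall.@include[1].type='script'
firewall.@include[2]=include
firewall.@include[2].path='/etc/firewall.d/../../tmp/payload.sh'
"""

if __name__ == "__main__":
    for section, path, reason in audit(SAMPLE_UCI_SHOW):
        print(f"{section}: path={path!r}: {reason}")
```

On a device the same check can be run against live configuration by piping `uci show firewall` into `audit()`; the policy check in `path_is_allowed()` is also the kind of validation the RPC handler that accepts the path argument should perform before the rule is written, since the filesystem checks alone are racy against an attacker who can write to the target path later.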

Exploit · Fix · RCE


Weakness Enumeration

Related Identifiers: CVE-2018-20487

Affected Products: Inteno Iopsys