PT-2019-16600 · Wifi Soft · Wifi-Soft Unibox Controller

Sahil Dhar · Published 2019-03-18 · Updated 2021-09-13 · CVE-2019-3495

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions
Wifi-soft UniBox controller versions 0.x through 2.x

Description
An issue was discovered that allows for arbitrary file upload through the network/mesh/edit-nds.php endpoint, enabling an attacker to upload .php files and execute code on the server with root user privileges. The authentication for accessing this component can be bypassed by using hard-coded credentials.

Recommendations
For Wifi-soft UniBox controller versions 0.x through 2.x, as a temporary workaround, consider disabling access to the network/mesh/edit-nds.php endpoint until a patch is available. Restrict the use of hard-coded credentials to minimize the risk of exploitation.

Exploit

Fix

Using Hardcoded Credentials

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2019-3495

Affected Products

Wifi-Soft Unibox Controller