cbcvebase.
CVE-2015-8284
published 2017-04-13

CVE-2015-8284: SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions.

Priority: P2 · 60 · high
CVSS 3.0: 8.8 (AV:N / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H)
EXPLOIT
EPSS: 4.18% (89.6th percentile)

Affected

1 range
Vendor | Product | Version range | Fixed in
seawell_networks | spectrum_sdc | |

Detection & IOCs (extracted from sources)

url: /system_manage.php?username=viewer&password=viewer&password=viewer&userlevel=1&action=add_user&ekey=&LActiveRow=
url: /system_manage.php?username=viewer1&password=viewer&password=viewer&userlevel=9&action=add_user&ekey=&LActiveRow=
url: /system_manage.php?username=viewer1&password=&password=&userlevel=9&action=delete_user&ekey=4&LActiveRow=sys_Luser_4
url: /system_manage.php?username=system&password=&password=&userlevel=9&action=delete_user&ekey=4&LActiveRow=sys_Luser_4
url: /system_manage.php?username=admin&password=admin1&password=admin1&userlevel=9&action=update_user&ekey=3&LActiveRow=sys_Luser_3
url: /configure_manage.php?action=download_config&file=policy.xml
url: /configure_manage.php?action=download_config&file=cookie_config.xml
url: /configure_manage.php?action=download_config&file=systemCfg.xml
path: /configure_manage.php
path: /system_manage.php
  • Detect unauthenticated or low-privilege (viewer) access to system_manage.php with admin action parameters (action=add_user, action=delete_user, action=update_user) and userlevel=9 in the query string, indicating privilege escalation attempts.
  • Alert on HTTP requests to configure_manage.php with action=download_config and a file parameter, especially containing path traversal sequences (e.g., ../), targeting sensitive files such as policy.xml, cookie_config.xml, or systemCfg.xml.
  • Monitor for the response string '0Success1' from system_manage.php, which indicates a successful unauthorized administrative action was performed.
  • Flag requests to system_manage.php where userlevel=9 is set by a non-admin session, as admin privilege level is denoted by userlevel=9 and viewer by userlevel=1.
  • The affected version is specifically Spectrum SDC 02.05.00, Build 02.05.00.0016; detections should be scoped to this product version.
  • The application uses default credentials (admin/admin) which may be present on unpatched deployments; detections for default credential login attempts are also relevant.
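
The request-based rules above, written out as an added example (not code from this CVE entry or from the vendor). It assumes each log record carries the session's userlevel and the response body; the record layout, the function and rule names, and the encoded traversal sample are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

ADMIN_ACTIONS = {"add_user", "delete_user", "update_user"}
ADMIN_LEVEL = "9"  # per the entry: userlevel=9 is admin, userlevel=1 is viewer

def findings(session_level, target, body=""):
    """Return the rule names triggered by one logged request.

    session_level is the userlevel of the authenticated session ("" when
    there is none); having it in the log is an assumption of this example.
    """
    url = urlsplit(target)
    q = parse_qs(url.query, keep_blank_values=True)  # also percent-decodes
    page = url.path.rsplit("/", 1)[-1].lower()
    actions = set(q.get("action", []))
    hits = []
    if page == "system_manage.php" and session_level != ADMIN_LEVEL:
        if actions & ADMIN_ACTIONS:
            hits.append("admin-action-by-non-admin")
            if ADMIN_LEVEL in q.get("userlevel", []):
                hits.append("userlevel-9-requested")
            if "0Success1" in body:  # success marker named in the entry
                hits.append("action-succeeded")
    if page == "configure_manage.php" and "download_config" in actions:
        files = q.get("file", [])
        if files:
            hits.append("config-download")
        # Compare decoded path segments so %2e%2e%2f is caught like ../
        if any(".." in f.replace("\\", "/").split("/") for f in files):
            hits.append("path-traversal")
    return hits

# Constructed sample records: (session userlevel, request target, response body)
SAMPLE = [
    ("1", "/system_manage.php?username=viewer1&password=viewer&password=viewer"
          "&userlevel=9&action=add_user&ekey=&LActiveRow=", "0Success1"),
    ("9", "/system_manage.php?username=admin&password=admin1&password=admin1"
          "&userlevel=9&action=update_user&ekey=3&LActiveRow=sys_Luser_3", "0Success1"),
    ("1", "/configure_manage.php?action=download_config&file=policy.xml", ""),
    ("", "/configure_manage.php?action=download_config&file=%2e%2e%2fexample.xml", ""),
]

def scan(records):
    """Return (target, findings) for every record that triggers a rule."""
    results = [(t, findings(lvl, t, body)) for lvl, t, body in records]
    return [(t, hits) for t, hits in results if hits]

if __name__ == "__main__":
    for target, hits in scan(SAMPLE):
        print(", ".join(hits), "<-", target)
```

The admin session in the second sample record is deliberately not flagged, which is why the session's own userlevel has to be logged alongside the request.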

CVSS provenance

nvd | v3.0 | 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P