CVE-2017-7240
published 2017-03-24
CVE-2017-7240: An issue was discovered on Miele Professional PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens to port 80 and is prone…
Priority: P2 65 · high · 7.5 (CVSS 3.0)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 17.41% (96.7th percentile)
An issue was discovered on Miele Professional PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens to port 80 and is prone to a directory traversal attack; therefore, an unauthenticated attacker may be able to exploit this issue to access sensitive information to aid in subsequent attacks. A Proof of Concept is GET /../../../../../../../../../../../../etc/shadow HTTP/1.1. This affects PG8527 devices 2.02 before 2.12, PG8527 devices 2.51 before 2.61, PG8527 devices 2.52 before 2.62, PG8527 devices 2.54 before 2.64, PG8528 devices 2.02 before 2.12, PG8528 devices 2.51 before 2.61, PG8528 devices 2.52 before 2.62, PG8528 devices 2.54 before 2.64, PG8535 devices 1.00 before 1.10, PG8535 devices 1.04 before 1.14, PG8536 devices 1.10 before 1.20, and PG8536 devices 1.14 before 1.24.
Detection & IOCs
- Detect directory traversal attempts against the PST10 WebServer by monitoring HTTP GET requests containing repeated '../' sequences targeting sensitive paths such as /etc/shadow on port 80.
- Identify the vulnerable server in HTTP response headers by the 'Server: PST10 WebServer' banner, which indicates a Miele Professional PG 85 series device that may be exposed.
- Flag HTTP responses with Content-disposition header containing filename="./etc/shadow" as evidence of successful directory traversal exploitation.
- The exploit requires no authentication; monitor for unauthenticated HTTP GET requests with deep traversal sequences (11+ '../' segments) on port 80 to Miele PST10 WebServer hosts.
- The vulnerability is exploitable only when the PST10 WebServer is network-accessible; devices isolated behind firewalls or not exposed to the internet are at significantly reduced risk.
- Public proof-of-concept exploit code is available, raising the likelihood of opportunistic scanning; CVSS v3 base score is 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
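The request and response signals listed above can be combined into one check per HTTP exchange. The following is an added example, not code from any of the cited sources; the function names, the percent-decoding step (a generalization beyond what the page states) and the sample traffic are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

TRAVERSAL = re.compile(r"\.\.[/\\]")  # one "../" or "..\" segment
BANNER = "pst10 webserver"            # Server header value given on the page

def decode_target(target, rounds=3):
    """Percent-decode a few times so encoded and double-encoded dots are counted."""
    for _ in range(rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def headers_of(raw):
    """Parse the header lines of a raw HTTP message into a lower-cased dict."""
    out = {}
    for line in raw.splitlines()[1:]:
        if not line.strip():
            break
        name, _, value = line.partition(":")
        out[name.strip().lower()] = value.strip()
    return out

def inspect_exchange(request_raw, response_raw):
    """Return the detection signals for one request/response pair."""
    parts = request_raw.splitlines()[0].split(" ")
    path = decode_target(parts[1] if len(parts) > 1 else "")
    depth = len(TRAVERSAL.findall(path))
    hdrs = headers_of(response_raw)
    # File the request resolves to once the traversal segments are dropped
    wanted = TRAVERSAL.sub("", path).lstrip("/\\")
    m = re.search(r'filename="?([^";]+)', hdrs.get("content-disposition", ""))
    served = re.sub(r"^(\./)+", "", m.group(1)) if m else None
    return {
        "depth": depth,
        "deep": depth >= 11,  # depth the page flags as a strong signal
        "pst10_banner": BANNER in hdrs.get("server", "").lower(),
        "file_served": depth > 0 and served == wanted,  # response names the requested file
    }

# Constructed sample traffic (not captured from a real device)
REQ_POC = "GET /" + "../" * 12 + "etc/shadow HTTP/1.1\r\nHost: 192.0.2.10\r\n\r\n"
RESP_LEAK = 'HTTP/1.1 200 OK\r\nServer: PST10 WebServer\r\nContent-disposition: filename="./etc/shadow"\r\n\r\n'
REQ_ENC = "GET /%252e%252e%2f%2e%2e%2fetc/passwd HTTP/1.1\r\nHost: 192.0.2.10\r\n\r\n"
RESP_404 = "HTTP/1.1 404 Not Found\r\nServer: nginx\r\n\r\n"
REQ_OK = "GET /index.html HTTP/1.1\r\nHost: 192.0.2.10\r\n\r\n"
RESP_OK = "HTTP/1.1 200 OK\r\nServer: PST10 WebServer\r\n\r\n"
```

An exchange with `pst10_banner` and `file_served` both true is the one to escalate; `pst10_banner` alone only marks an exposed device for the inventory.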
CVSS provenance
nvd · v3.0 · 7.5 HIGH · CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd · v2.0 · 5.0 MEDIUM · AV:N/AC:L/Au:N/C:P/I:N/A:N
GHSA
GHSA-m2vr-x66h-pm9j: An issue was discovered on Miele Professional PST10 devices
ghsa_unreviewed·2022-05-17
CVE-2017-7240 [HIGH] CWE-22 GHSA-m2vr-x66h-pm9j: An issue was discovered on Miele Professional PST10 devices
CISA ICS
Miele Professional PG 85 Series
cisa_ics·2017-03-30
ICS Advisory
## Miele Professional PG 85 Series
Last Revised: May 18, 2017
Alert Code: ICSA-17-138-01
## CVSS v3 7.3
ATTENTION: Remotely exploitable/low skill level to exploit. Public exploits are available.
Vendor: Miele Professional
Equipment: PG 85 Series
Vulnerability: Path Traversal
## UPDATED INFORMATION
This advisory is a follow-up to the original alert titled ICS-ALERT-17-089-01 Miele Professional PG 8528 Vulnerability that was published March 30, 2017, on the NCCIC/ICS-CERT web site.
## AFFECTED PRODUCTS
Miele Professional reports that the following versions of the PG 85 product ser
No detection rules found.
arXiv
Viewpoint | Personal Data and the Internet of Things: It is time to care about digital provenance
arxiv_fulltext·2019-03-30·CVSS 7.5
[HIGH] Viewpoint | Personal Data and the Internet of Things: It is time to care about digital provenance
Viewpoint | Personal Data and the Internet of Things
It is time to care about digital provenance.
Thomas Pasquier
University of Bristol
David Eyers
University of Otago
Jean Bacon
University of Cambridge
## Abstract
The Internet of Things promises a connected environment reacting to and addressing our every need, but based on the assumption that all of our movements and words can be recorded and analysed to achieve this end. Ubiquitous surveillance is also a precondition for most dystopian societies, both real and fictional.
How our personal data is processed and consumed in an ever more connected world must imperatively be made transparent, and more effective technical solutions than those currently on offer, to manage personal data must urgently be investigated.
### The need for
Securelist
New trends in the world of IoT threats
blogs_securelist·2018-09-18
New trends in the world of IoT threats
Authors
Mikhail Kuzin
Yaroslav Shmelev
Vladimir Kuskov
Cybercriminals’ interest in IoT devices continues to grow: in H1 2018 we picked up three times as many malware samples attacking smart devices as in the whole of 2017. And in 2017 there were ten times more than in 2016. That doesn’t bode well for the years ahead.
We decided to study what attack vectors are deployed by cybercriminals to infect smart devices, what malware is loaded into the system, and what it means for device owners and victims of freshly armed botnets.
Number of malware samples for IoT devices in Kaspersky Lab’s collection, 2016-2018.
One of the most popular attack and infection vectors against devices remains cracking Telnet passwords. In Q2 2018, there were three times as many such attacks against our honeypot
- http://seclists.org/fulldisclosure/2017/Mar/63
- http://www.securityfocus.com/bid/97080
- https://ics-cert.us-cert.gov/advisories/ICSA-17-138-01
- https://www.exploit-db.com/exploits/41718/
- https://www.miele.de/en/m/miele-admits-communication-glitch-4072.htm
Published: 2017-03-24