CVE-2019-18922
published 2019-11-29CVE-2019-18922: A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read…
PriorityP270high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
24.74%
97.6th percentile
A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read arbitrary system files via a GET request. NOTE: This is an End-of-Life product.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alliedtelesis | at-gs950_8_firmware | < 1.00.047 | 1.00.047 |
Detection & IOCsextracted from sources · hover to see the quote
yara↗
regex: root:[x*]:0:0
- →Detect unauthenticated HTTP GET requests containing directory traversal sequences targeting /etc/passwd on Allied Telesis AT-GS950/8 web interface. ↗
- →A successful exploit response will return HTTP 200 with content matching the regex 'root:[x*]:0:0', indicating /etc/passwd was read. ↗
- →The traversal payload uses six levels of '../' sequences directly in the URL path: /../../../../../../etc/passwd — no authentication or special headers required. ↗
- ·This vulnerability affects Allied Telesis AT-GS950/8 devices only up to firmware AT-S107 V.1.1.3 [1.00.047]; the product is End-of-Life. ↗
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:C/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Allied Telesis AT-GS950/8 - Local File Inclusion
nuclei·CVSS 7.5
CVE-2019-18922 [HIGH] Allied Telesis AT-GS950/8 - Local File Inclusion
Allied Telesis AT-GS950/8 - Local File Inclusion
Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 is susceptible to local file inclusion via its web interface.
Template:
id: CVE-2019-18922
info:
name: Allied Telesis AT-GS950/8 - Local File Inclusion
author: 0x_Akoko
severity: high
description: |
Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 is susceptible to local file inclusion via its web interface.
impact: |
Successful exploitation of this vulnerability allows an attacker to read arbitrary files on the affected device, leading to unauthorized access and potential data leakage.
remediation: |
Apply the latest firmware update provided by Allied Telesis to fix the vulnerability.
reference:
- https://packetstormsecurity.com/files/155504/Allied-Telesis-AT-GS950-8-Direc
No writeups or analysis indexed.
http://packetstormsecurity.com/files/155504/Allied-Telesis-AT-GS950-8-Directory-Traversal.htmlhttp://seclists.org/fulldisclosure/2019/Nov/31https://pastebin.com/dpEGKUGzhttp://packetstormsecurity.com/files/155504/Allied-Telesis-AT-GS950-8-Directory-Traversal.htmlhttp://seclists.org/fulldisclosure/2019/Nov/31https://pastebin.com/dpEGKUGz
2019-11-29
Published