Exploit for #VU8012 Security restrictions bypass in Westermo Hardware solutions

Exploit for #VU8012 Security restrictions bypass in Westermo Hardware solutions

Published: 2020-03-18 | Updated: 2021-06-17

Vulnerability identifier: #VU8012

Vulnerability risk: Medium

CVSSv3.1: 9.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N/E:F/RL:O/RC:C]

CVE-ID: CVE-2017-5816

CWE-ID: CWE-321

Exploitation vector: Network

Exploits in database: 2

June 17, 2021
- HP iMC Plat 7.2 - Remote Code Execution (2) [Exploit-DB]
March 18, 2020
- HPE iMC dbman RestartDB Unauthenticated RCE [Metasploit]

Impact: Information disclosure and data manipulation

Vulnerable software:
MRD-455
Hardware solutions / Routers & switches, VoIP, GSM, etc
MRD-355
Hardware solutions / Routers & switches, VoIP, GSM, etc
MRD-315
Hardware solutions / Routers & switches, VoIP, GSM, etc
MRD-305-DIN
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: Westermo