#VU16216 Path traversal in Zyxel VMG1312-B10D - CVE-2018-19326

Cybersecurity Help s.r.o.

Published: 2018-12-03 | Updated: 2018-12-03

Vulnerability identifier: #VU16216

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-19326

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Zyxel VMG1312-B10D
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: ZyXEL Communications Corp.

Description

The vulnerability allows a remote attacker to conduct directory traversal attack on the target system.

The vulnerability exists due to path traversal, as demonstrated by reading /etc/passwd. A remote unauthenticated attacker can send a specially crafted URL request containing "dot dot" sequences (/../), conduct directory traversal attack and view arbitrary files.

Mitigation
Update to version 5.13(AAXA.8)C0.

Vulnerable software versions

Zyxel VMG1312-B10D: before 5.13(AAXA.8)C0

External links
https://gist.github.com/numanturle/4988b5583e5ebe501059bd368636de33

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Information disclosure in Zyxel VMG1312-B10D