#VU87540 Path traversal in edgeConnector and edgeAggregator - CVE-2023-38126

Cybersecurity Help s.r.o.

Published: 2024-03-15 | Updated: 2024-04-01

Vulnerability identifier: #VU87540

Vulnerability risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-38126

CWE-ID: CWE-22

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
edgeConnector
Other software / Other software solutions
edgeAggregator
Other software / Other software solutions

Vendor: Softing AG

Description

The vulnerability allows a remote user to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences wirhin the backup zip files. A remote administrator can send a specially crafted HTTP request and write to a file or overwrite a file in the filesystem.

Mitigation
Install update from vendor's website.

Vulnerable software versions

edgeConnector: 3.60

edgeAggregator: 3.60

External links
https://www.zerodayinitiative.com/advisories/ZDI-23-1058/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-13
https://www.zerodayinitiative.com/advisories/ZDI-24-352/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Softing edgeConnector and edgeAggregator