cnvd - cnvd-2017-34594

CNVD-2017-34594

Vulnerability from cnvd - Published: 2017-11-20

Title

ZTE ZXR10 1800-2S访问控制不当漏洞

Description

ZTE ZXR10 1800-2S是中兴通讯的一款路由器。 ZTE ZXR10 1800-2S未能正确的限制Web用户的文件下载目录的范围，允许远程攻击者利用漏洞提交特殊的请求，下载配置文件，窃取敏感信息。

Severity

中

Patch Name

ZTE ZXR10 1800-2S访问控制不当漏洞的补丁

Patch Description

ZTE ZXR10 1800-2S是中兴通讯的一款路由器。 ZTE ZXR10 1800-2S未能正确的限制Web用户的文件下载目录的范围，允许远程攻击者利用漏洞提交特殊的请求，下载配置文件，窃取敏感信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布漏洞修复程序，请及时关注更新： http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008262

Reference

http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008262

Impacted products

Name
ZTE ZXR10 1800-2S <v3.00.40

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-10931"
    }
  },
  "description": "ZTE ZXR10 1800-2S\u662f\u4e2d\u5174\u901a\u8baf\u7684\u4e00\u6b3e\u8def\u7531\u5668\u3002\r\n\r\nZTE ZXR10 1800-2S\u672a\u80fd\u6b63\u786e\u7684\u9650\u5236Web\u7528\u6237\u7684\u6587\u4ef6\u4e0b\u8f7d\u76ee\u5f55\u7684\u8303\u56f4\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u4e0b\u8f7d\u914d\u7f6e\u6587\u4ef6\uff0c\u7a83\u53d6\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "Netfairy of Kuangn Network",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008262",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-34594",
  "openTime": "2017-11-20",
  "patchDescription": "ZTE ZXR10 1800-2S\u662f\u4e2d\u5174\u901a\u8baf\u7684\u4e00\u6b3e\u8def\u7531\u5668\u3002\r\n\r\nZTE ZXR10 1800-2S\u672a\u80fd\u6b63\u786e\u7684\u9650\u5236Web\u7528\u6237\u7684\u6587\u4ef6\u4e0b\u8f7d\u76ee\u5f55\u7684\u8303\u56f4\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u63d0\u4ea4\u7279\u6b8a\u7684\u8bf7\u6c42\uff0c\u4e0b\u8f7d\u914d\u7f6e\u6587\u4ef6\uff0c\u7a83\u53d6\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "ZTE ZXR10 1800-2S\u8bbf\u95ee\u63a7\u5236\u4e0d\u5f53\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "ZTE ZXR10 1800-2S \u003cv3.00.40"
  },
  "referenceLink": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008262",
  "serverity": "\u4e2d",
  "submitTime": "2017-09-20",
  "title": "ZTE ZXR10 1800-2S\u8bbf\u95ee\u63a7\u5236\u4e0d\u5f53\u6f0f\u6d1e"
}

CVE-2017-10931 (GCVE-0-2017-10931)

Vulnerability from cvelistv5 – Published: 2017-09-19 14:00 – Updated: 2024-09-17 03:37

Summary

The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download of the file directory range for WEB users, resulting in the ability to download any files and cause information leaks such as system configuration.

Severity ?

No CVSS data available.

CWE

Path Traversal

Assigner

zte

References

URL

Tags

http://support.zte.com.cn/support/news/LoopholeIn…

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	ZTE	ZX10 1800-2S	Affected: All versions prior to V3.00.40

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:50:12.806Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008262"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "ZX10 1800-2S",
          "vendor": "ZTE",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to V3.00.40"
            }
          ]
        }
      ],
      "datePublic": "2017-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download of the file directory range for WEB users, resulting in the ability to download any files and cause information leaks such as system configuration."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Path Traversal",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-19T13:57:01",
        "orgId": "6786b568-6808-4982-b61f-398b0d9679eb",
        "shortName": "zte"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008262"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@zte.com.cn",
          "DATE_PUBLIC": "2017-08-10T00:00:00",
          "ID": "CVE-2017-10931",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "ZX10 1800-2S",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions prior to V3.00.40"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ZTE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The ZXR10 1800-2S before v3.00.40 incorrectly restricts the download of the file directory range for WEB users, resulting in the ability to download any files and cause information leaks such as system configuration."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Path Traversal"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008262",
              "refsource": "MISC",
              "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1008262"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6786b568-6808-4982-b61f-398b0d9679eb",
    "assignerShortName": "zte",
    "cveId": "CVE-2017-10931",
    "datePublished": "2017-09-19T14:00:00Z",
    "dateReserved": "2017-07-05T00:00:00",
    "dateUpdated": "2024-09-17T03:37:33.507Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-34594

CVE-2017-10931 (GCVE-0-2017-10931)

Tags

Sightings

Nomenclature