HIGH🇬🇧 English

CVE-2017-8841

CVSS 8.1v3.0pub. 2017-06-05upd. 2026-05-13

Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology is absolute path traversal in cgi-bin/MANGA/firmware_process.cgi via the upfile.path parameter.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
  • Peplink 1350hw2 Firmware

    OS
    Peplink
    7.0.1
  • Peplink 2500 Firmware

    OS
    Peplink
    7.0.1
  • Peplink 380hw6 Firmware

    OS
    Peplink
    7.0.1
  • Peplink 580hw2 Firmware

    OS
    Peplink
    7.0.1
  • Peplink 710hw3 Firmware

    OS
    Peplink
    7.0.1
  • Peplink B305hw2 Firmware

    OS
    Peplink
    7.0.1
  • Peplink Balance 1350

    HW
    Peplink
    wszystkie wersje
  • Peplink Balance 2500

    HW
    Peplink
    wszystkie wersje
  • Peplink Balance 305

    HW
    Peplink
    wszystkie wersje
  • Peplink Balance 380

    HW
    Peplink
    wszystkie wersje
  • Peplink Balance 580

    HW
    Peplink
    wszystkie wersje
  • Peplink Balance 710

    HW
    Peplink
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Path Traversal
CWE
Referencje

Powiązane podatności

CVE-2017-8837CRITICAL9.8ten sam produkt

Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware ...

CVE-2017-8835CRITICAL9.8ten sam produkt

SQL injection exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b30...

CVE-2020-24246HIGH7.5ten sam produkt

Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files (/filem...

CVE-2017-8836HIGH8.8ten sam produkt

CSRF exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380h...

CVE-2017-8838MEDIUM6.1ten sam produkt

XSS via syncid exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b3...