CVE-2017-8337
moderate-risk
Published 2019-06-18
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL-R096. The device provides a user with the capability of executing various actions on the web management interface. It seems that the device does not implement any Origin header check which allows an attacker who can trick a user to navigate to an attacker's webpage to exploit this issue and brute force the password for the web management interface. It also allows an attacker to then execute any other actions which include management if rules, sensors attached to the devices using the websocket requests.
Do I need to act?
~
2.3% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10
High
NETWORK
/ LOW complexity
Affected Products (3)
Affected Vendors
References (6)
Third Party Advisory
http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow...
Mailing List
https://seclists.org/bugtraq/2019/Jun/8
Third Party Advisory
http://packetstormsecurity.com/files/153227/Securifi-Almond-2015-Buffer-Overflow...
Mailing List
https://seclists.org/bugtraq/2019/Jun/8
44
/ 100
moderate-risk
Severity
30/34 · Critical
Exploitability
5/34 · Minimal
Exposure
9/34 · Low