CVE-2017-9383
moderate-risk
Published 2019-06-17
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/port_3480". It seems that the UPnP services provide "wget" as one of the service actions for a normal user to connect the device to an external website. It retrieves the parameter "URL" from the query string and then passes it to an internal function that uses the curl module on the device to retrieve the contents of the website.
Do I need to act?
~
2.1% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.9/10
Critical
NETWORK
/ LOW complexity
Affected Products (2)
Veraedge Firmware
Veralite Firmware
Affected Vendors
References (6)
Third Party Advisory
http://packetstormsecurity.com/files/153242/Veralite-Veraedge-Router-XSS-Command...
Mailing List
https://seclists.org/bugtraq/2019/Jun/8
Third Party Advisory
http://packetstormsecurity.com/files/153242/Veralite-Veraedge-Router-XSS-Command...
Mailing List
https://seclists.org/bugtraq/2019/Jun/8
45
/ 100
moderate-risk
Severity
33/34 · Critical
Exploitability
5/34 · Minimal
Exposure
7/34 · Low