Detections
Analytics
Microhard 3G/4G Cellular Ethernet and Serial Gateway External Control of File Name or Path (ZSL-2018-5484)
medium Tenable OT Security Plugin ID 503151
Synopsis
The remote OT asset is affected by a vulnerability.Description
The system backup configuration file 'IPn4G.config' in '/' directory or its respective name based on the model name including the similar files in '/www/cgi-bin/system.conf', '/tmp' and the cli.conf in '/etc/m_cli/' can be downloaded by an authenticated attacker in certain circumstances. This will enable the attacker to disclose sensitive information and help her in authentication bypass, privilege escalation and/or full system access.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
Refer to the vuln advisory.See Also
https://www.exploit-db.com/exploits/45036
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5484.php
Plugin Details
Severity: Medium
ID: 503151
Version: 1.1
Type: remote
Family: Tenable.ot
Published: 3/24/2025
Updated: 3/24/2025
Supported Sensors: Tenable OT Security
Risk Information
CVSS Score Rationale: Tenable score for unsupported products.
CVSS v3
Risk Factor: Medium
Base Score: 4.3
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Information
CPE: cpe:/o:microhardcorp:bullet-lte_firmware, cpe:/o:microhardcorp:bullet-3g_firmware, cpe:/o:microhardcorp:ipn4ii_firmware, cpe:/o:microhardcorp:vip4gb_firmware, cpe:/o:microhardcorp:ipn3gii_firmware, cpe:/o:microhardcorp:bulletplus_firmware, cpe:/o:microhardcorp:vip4g-wifi-n_firmware, cpe:/o:microhardcorp:ipn3gb_firmware, cpe:/o:microhardcorp:dragon-lte_firmware, cpe:/o:microhardcorp:ipn4g_firmware, cpe:/o:microhardcorp:vip4g_firmware, cpe:/o:microhardcorp:ipn4gb_firmware
Required KB Items: Tenable.ot/Microhard
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 7/17/2018
Reference Information
CWE: 73