CVE-2017-7318

Siklu EtherHaul devices before 7.4.0 are vulnerable to a remote command execution (RCE) vulnerability. This vulnerability allows a remote attacker to execute commands and retrieve information such as usernames and plaintext passwords from the device with no authentication.
References
Link Resource
http://blog.iancaling.com/post/155127766533/ Exploit Third Party Advisory
http://www.securityfocus.com/bid/97227 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siklu:etherhaul_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:siklu:etherhaul-5500fd:-:*:*:*:*:*:*:*
cpe:2.3:h:siklu:etherhaul_500tx:-:*:*:*:*:*:*:*
cpe:2.3:h:siklu:etherhaul_60ghz_v-band_radio:-:*:*:*:*:*:*:*
cpe:2.3:h:siklu:etherhaul_70\/80ghz_gigabit_radio:-:*:*:*:*:*:*:*
cpe:2.3:h:siklu:etherhaul_70\/80ghz_multi-gigabit_e-band_radio:-:*:*:*:*:*:*:*
cpe:2.3:h:siklu:etherhaul_70ghz_e-band_radio:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-03-30 07:59

Updated : 2024-02-28 15:44


NVD link : CVE-2017-7318

Mitre link : CVE-2017-7318

CVE.ORG link : CVE-2017-7318


JSON object : View

Products Affected

siklu

  • etherhaul_60ghz_v-band_radio
  • etherhaul_70\/80ghz_gigabit_radio
  • etherhaul_70\/80ghz_multi-gigabit_e-band_radio
  • etherhaul_500tx
  • etherhaul_firmware
  • etherhaul-5500fd
  • etherhaul_70ghz_e-band_radio