CVE-2017-7318

Siklu EtherHaul devices before 7.4.0 are vulnerable to a remote command execution (RCE) vulnerability. This vulnerability allows a remote attacker to execute commands and retrieve information such as usernames and plaintext passwords from the device with no authentication.
References
Link Resource
http://blog.iancaling.com/post/155127766533/ Exploit Third Party Advisory
http://www.securityfocus.com/bid/97227 Third Party Advisory VDB Entry
http://blog.iancaling.com/post/155127766533/ Exploit Third Party Advisory
http://www.securityfocus.com/bid/97227 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siklu:etherhaul_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:siklu:etherhaul-5500fd:-:*:*:*:*:*:*:*
cpe:2.3:h:siklu:etherhaul_500tx:-:*:*:*:*:*:*:*
cpe:2.3:h:siklu:etherhaul_60ghz_v-band_radio:-:*:*:*:*:*:*:*
cpe:2.3:h:siklu:etherhaul_70\/80ghz_gigabit_radio:-:*:*:*:*:*:*:*
cpe:2.3:h:siklu:etherhaul_70\/80ghz_multi-gigabit_e-band_radio:-:*:*:*:*:*:*:*
cpe:2.3:h:siklu:etherhaul_70ghz_e-band_radio:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:31

Type Values Removed Values Added
References () http://blog.iancaling.com/post/155127766533/ - Exploit, Third Party Advisory () http://blog.iancaling.com/post/155127766533/ - Exploit, Third Party Advisory
References () http://www.securityfocus.com/bid/97227 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/97227 - Third Party Advisory, VDB Entry

Information

Published : 2017-03-30 07:59

Updated : 2024-11-21 03:31


NVD link : CVE-2017-7318

Mitre link : CVE-2017-7318

CVE.ORG link : CVE-2017-7318


JSON object : View

Products Affected

siklu

  • etherhaul_70\/80ghz_gigabit_radio
  • etherhaul_70\/80ghz_multi-gigabit_e-band_radio
  • etherhaul_70ghz_e-band_radio
  • etherhaul_60ghz_v-band_radio
  • etherhaul_500tx
  • etherhaul_firmware
  • etherhaul-5500fd