Comba AC2400 devices are prone to password disclosure via a simple crafted /09/business/upgrade/upcfgAction.php?download=true request to the web management server. The request doesn't require any authentication and will lead to saving the DBconfig.cfg file. At the end of the file, the login information is stored in cleartext.
References
Link | Resource |
---|---|
https://www.comba-telecom.com/en/news | Vendor Advisory |
https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=26164 | Exploit Third Party Advisory |
https://www.comba-telecom.com/en/news | Vendor Advisory |
https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=26164 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 04:29
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.comba-telecom.com/en/news - Vendor Advisory | |
References | () https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=26164 - Exploit, Third Party Advisory |
Information
Published : 2020-03-19 18:15
Updated : 2024-11-21 04:29
NVD link : CVE-2019-15654
Mitre link : CVE-2019-15654
CVE.ORG link : CVE-2019-15654
JSON object : View
Products Affected
comba
- ac2400
- ac2400_firmware
CWE
CWE-306
Missing Authentication for Critical Function