Sign-up

ID

VAR-201703-1254


CVE

CVE-2017-7240


TITLE

Miele Professional PG 8528 PST10 Directory Traversal Vulnerability

Trust: 0.8

sources: IVD: 51346101-cb9b-402a-8d5f-8a8a1349c5e8 // CNVD: CNVD-2017-04551

DESCRIPTION

An issue was discovered on Miele Professional PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens to port 80 and is prone to a directory traversal attack; therefore, an unauthenticated attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks. A Proof of Concept is GET /../../../../../../../../../../../../etc/shadow HTTP/1.1. This affects PG8527 devices 2.02 before 2.12, PG8527 devices 2.51 before 2.61, PG8527 devices 2.52 before 2.62, PG8527 devices 2.54 before 2.64, PG8528 devices 2.02 before 2.12, PG8528 devices 2.51 before 2.61, PG8528 devices 2.52 before 2.62, PG8528 devices 2.54 before 2.64, PG8535 devices 1.00 before 1.10, PG8535 devices 1.04 before 1.14, PG8536 devices 1.10 before 1.20, and PG8536 devices 1.14 before 1.24. Miele Professional PG 8528 of PST10 The device contains a path traversal vulnerability.Information may be obtained. MieleProfessionalPG8528PST10 is a washing machine sterilizer. A directory traversal vulnerability exists in MieleProfessionalPG8528PST10. An attacker could exploit the vulnerability to access sensitive information. Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to read arbitrary files in the context of the application. This may aid in further attacks. The title and technical details have been changed to better reflect the vulnerability impact

Trust: 2.61

sources: NVD: CVE-2017-7240 // JVNDB: JVNDB-2017-002683 // CNVD: CNVD-2017-04551 // BID: 97080 // IVD: 51346101-cb9b-402a-8d5f-8a8a1349c5e8

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: 51346101-cb9b-402a-8d5f-8a8a1349c5e8 // CNVD: CNVD-2017-04551

AFFECTED PRODUCTS

vendor:miele professionalmodel:pst10 webserverscope:eqversion: -

Trust: 1.6

vendor:miele corporatemodel:pst10 webserverscope:eqversion:(pg 8528)

Trust: 0.8

vendor:mielemodel:pgscope:eqversion:85280

Trust: 0.6

vendor:mielemodel:pg8536scope:eqversion:1.14

Trust: 0.3

vendor:mielemodel:pg8536scope:eqversion:1.10

Trust: 0.3

vendor:mielemodel:pg8535scope:eqversion:1.04

Trust: 0.3

vendor:mielemodel:pg8535scope:eqversion:1.00

Trust: 0.3

vendor:mielemodel:pg8528scope:eqversion:2.54

Trust: 0.3

vendor:mielemodel:pg8528scope:eqversion:2.52

Trust: 0.3

vendor:mielemodel:pg8528scope:eqversion:2.51

Trust: 0.3

vendor:mielemodel:pg8528scope:eqversion:2.02

Trust: 0.3

vendor:mielemodel:pg8527scope:eqversion:2.54

Trust: 0.3

vendor:mielemodel:pg8527scope:eqversion:2.52

Trust: 0.3

vendor:mielemodel:pg8527scope:eqversion:2.51

Trust: 0.3

vendor:mielemodel:pg8527scope:eqversion:2.02

Trust: 0.3

vendor:mielemodel:pg8536scope:neversion:1.24

Trust: 0.3

vendor:mielemodel:pg8536scope:neversion:1.20

Trust: 0.3

vendor:mielemodel:pg8535scope:neversion:1.14

Trust: 0.3

vendor:mielemodel:pg8535scope:neversion:1.10

Trust: 0.3

vendor:mielemodel:pg8528scope:neversion:2.64

Trust: 0.3

vendor:mielemodel:pg8528scope:neversion:2.62

Trust: 0.3

vendor:mielemodel:pg8528scope:neversion:2.61

Trust: 0.3

vendor:mielemodel:pg8528scope:neversion:2.12

Trust: 0.3

vendor:mielemodel:pg8527scope:neversion:2.64

Trust: 0.3

vendor:mielemodel:pg8527scope:neversion:2.62

Trust: 0.3

vendor:mielemodel:pg8527scope:neversion:2.61

Trust: 0.3

vendor:mielemodel:pg8527scope:neversion:2.12

Trust: 0.3

vendor:pst10 webservermodel: - scope:eqversion: -

Trust: 0.2

sources: IVD: 51346101-cb9b-402a-8d5f-8a8a1349c5e8 // CNVD: CNVD-2017-04551 // BID: 97080 // JVNDB: JVNDB-2017-002683 // CNNVD: CNNVD-201703-1015 // NVD: CVE-2017-7240

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-7240
value: HIGH

Trust: 1.0

NVD: CVE-2017-7240
value: HIGH

Trust: 0.8

CNVD: CNVD-2017-04551
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201703-1015
value: MEDIUM

Trust: 0.6

IVD: 51346101-cb9b-402a-8d5f-8a8a1349c5e8
value: MEDIUM

Trust: 0.2

nvd@nist.gov: CVE-2017-7240
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-04551
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: 51346101-cb9b-402a-8d5f-8a8a1349c5e8
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

nvd@nist.gov: CVE-2017-7240
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: IVD: 51346101-cb9b-402a-8d5f-8a8a1349c5e8 // CNVD: CNVD-2017-04551 // JVNDB: JVNDB-2017-002683 // CNNVD: CNNVD-201703-1015 // NVD: CVE-2017-7240

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.8

sources: JVNDB: JVNDB-2017-002683 // NVD: CVE-2017-7240

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-1015

TYPE

Path traversal

Trust: 0.8

sources: IVD: 51346101-cb9b-402a-8d5f-8a8a1349c5e8 // CNNVD: CNNVD-201703-1015

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-002683

PATCH
title:PG 8528url:https://www.miele.co.uk/professional/large-capacity-washer-disinfectors-560.htm?mat=10339600&name=PG_8528
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2017-002683

EXTERNAL IDS
db:NVDid:CVE-2017-7240
Trust: 3.5
db:ICS CERTid:ICSA-17-138-01
Trust: 2.1
db:BIDid:97080
Trust: 1.9
db:EXPLOIT-DBid:41718
Trust: 1.0
db:CNVDid:CNVD-2017-04551
Trust: 0.8
db:CNNVDid:CNNVD-201703-1015
Trust: 0.8
db:JVNDBid:JVNDB-2017-002683
Trust: 0.8
db:ICS CERT ALERTid:ICS-ALERT-17-089-01
Trust: 0.3
db:IVDid:51346101-CB9B-402A-8D5F-8A8A1349C5E8
Trust: 0.2
sources:
            
            
            IVD: 51346101-cb9b-402a-8d5f-8a8a1349c5e8 // 
            
            
            
            CNVD: CNVD-2017-04551 // 
            
            
            
            BID: 97080 // 
            
            
            
            JVNDB: JVNDB-2017-002683 // 
            
            
            
            CNNVD: CNNVD-201703-1015 // 
            
            
            
            NVD: CVE-2017-7240

REFERENCES
url:http://seclists.org/fulldisclosure/2017/mar/63
Trust: 2.7
url:https://ics-cert.us-cert.gov/advisories/icsa-17-138-01
Trust: 2.1
url:http://www.securityfocus.com/bid/97080
Trust: 1.6
url:https://www.exploit-db.com/exploits/41718/
Trust: 1.0
url:https://www.miele.de/en/m/miele-admits-communication-glitch-4072.htm
Trust: 1.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7240
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-7240
Trust: 0.8
url:https://www.miele.co.uk/professional/large-capacity-washer-disinfectors-560.htm?mat=10339600&name=pg_8528
Trust: 0.3
url:https://ics-cert.us-cert.gov/alerts/ics-alert-17-089-01
Trust: 0.3
sources:
            
            
            CNVD: CNVD-2017-04551 // 
            
            
            
            BID: 97080 // 
            
            
            
            JVNDB: JVNDB-2017-002683 // 
            
            
            
            CNNVD: CNNVD-201703-1015 // 
            
            
            
            NVD: CVE-2017-7240

CREDITS
Jens Regel, Schneider & Wulf EDV-Beratung GmbH & Co. KG
Trust: 0.3
sources:
            
            
            BID: 97080

SOURCES
db:IVDid:51346101-cb9b-402a-8d5f-8a8a1349c5e8
db:CNVDid:CNVD-2017-04551
db:BIDid:97080
db:JVNDBid:JVNDB-2017-002683
db:CNNVDid:CNNVD-201703-1015
db:NVDid:CVE-2017-7240

LAST UPDATE DATE
2024-11-23T22:38:36.231000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-04551date:2017-04-17T00:00:00
db:BIDid:97080date:2017-05-23T16:27:00
db:JVNDBid:JVNDB-2017-002683date:2017-09-11T00:00:00
db:CNNVDid:CNNVD-201703-1015date:2018-05-09T00:00:00
db:NVDid:CVE-2017-7240date:2024-11-21T03:31:26.970

SOURCES RELEASE DATE
db:IVDid:51346101-cb9b-402a-8d5f-8a8a1349c5e8date:2017-04-17T00:00:00
db:CNVDid:CNVD-2017-04551date:2017-04-17T00:00:00
db:BIDid:97080date:2017-03-24T00:00:00
db:JVNDBid:JVNDB-2017-002683date:2017-04-25T00:00:00
db:CNNVDid:CNNVD-201703-1015date:2017-03-24T00:00:00
db:NVDid:CVE-2017-7240date:2017-03-24T15:59:01.263