CVE-2018-25144

Exploit

EPSS 0.26%
Veröffentlicht 24.12.2025 19:27:49
Zuletzt bearbeitet 02.02.2026 16:16:12
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system modifications through GET and POST requests.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microhardcorp ≫ Ipn4g Firmware Version1.1.0 Updatebuild1098

Microhardcorp ≫ Ipn4g Version-

Microhardcorp ≫ Ipn3gb Firmware Version2.2.0 Updatebuild2160

Microhardcorp ≫ Ipn3gb Version-

Microhardcorp ≫ Ipn4gb Firmware Version1.1.6 Updatebuild1184-14

Microhardcorp ≫ Ipn4gb Version-

Microhardcorp ≫ Ipn4gb Firmware Version1.1.0 Updaterev2_build1090-2

Microhardcorp ≫ Ipn4gb Version-

Microhardcorp ≫ Ipn4gb Firmware Version1.1.0 Updaterev2_build1086

Microhardcorp ≫ Ipn4gb Version-

Microhardcorp ≫ Bullet-3g Firmware Version1.2.0 Updatereva_build1032

Microhardcorp ≫ Bullet-3g Version-

Microhardcorp ≫ Vip4gb Firmware Version1.1.6 Updatebuild_1204

Microhardcorp ≫ Vip4gb Version-

Microhardcorp ≫ Vip4gb Firmware Version1.1.6 Updaterev3_build1184-14

Microhardcorp ≫ Vip4gb Version-

Microhardcorp ≫ Vip4gb Wifi-n Firmware Version1.1.6 Updaterev2_build1196

Microhardcorp ≫ Vip4gb Wifi-n Version-

Microhardcorp ≫ Bullet-3g Firmware Version1.2.0 Updatebuild1076

Microhardcorp ≫ Bullet-3g Version-

Microhardcorp ≫ Bullet-lte Firmware Version1.2.0 Updatebuild1078

Microhardcorp ≫ Bullet-lte Version-

Microhardcorp ≫ Ipn3gii Firmware Version1.2.0 Updatebuild1076

Microhardcorp ≫ Ipn3gii Version-

Microhardcorp ≫ Ipn4gii Firmware Version1.2.0 Updatebuild1078

Microhardcorp ≫ Ipn4gii Version-

Microhardcorp ≫ Bulletplus Firmware Version1.3.0 Updatebuild1036

Microhardcorp ≫ Bulletplus Version-

Microhardcorp ≫ Dragon-lte Firmware Version1.1.0 Updatebuild1036

Microhardcorp ≫ Dragon-lte Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.26%	0.495

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
disclosure@vulncheck.com	8.4	2.5	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
disclosure@vulncheck.com	8.7	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

http://www.microhardcorp.com

Product

https://www.exploit-db.com/exploits/45037

Exploit

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5485.php

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2018-25144

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-25144

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-25144

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2018-25144