Security Vulnerabilities

Samsung SRN-1670D Web Viewer File Upload Vulnerability

November 6, 2017 Duncan 2934 Views 0 Comments CVE-2017-16524, Samsung SRN-1670D 0 min read

CVE-2017-16524

Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: ‘network_ssl_upload.php’ allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the file in the upload/ directory.

To authenticate for this attack, one can obtain web-interface credentials in cleartext by leveraging the existing Local File Read Vulnerability referenced as CVE-2015-8279, which allows remote attackers to read the web-interface credentials via a request for the cslog_export.php?path=/root/php_modules/lighttpd/sbin/userpw URI.

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Related Posts

Duncan

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.