IDC SFX Series Web Portal Allows File Traversal Attack

Summary

A vulnerability in the IDC SFX Series Web management portal allows an attacker to access and read files on the server. This could potentially allow an attacker to access sensitive information. To protect your system, update to a fixed version of the software or apply a patch as soon as possible.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
datacast	sfx2100_firmware	All versions	–

Original title

A path traversal vulnerability exists in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management portal version...

Original description

A path traversal vulnerability exists in the /IDC_Logging/checkifdone.cgi script in International Datacasting Corporation (IDC) SFX Series SuperFlex Satellite Receiver Web management portal version 101. An authenticated attacker can manipulate the `file` parameter to traverse directories and enumerate arbitrary files on the underlying filesystem. Due to the insecure perl file path handling function in use, a authenticated actor is able to preform directory traversal, with the backup endpoint confirming a file exists by indicating that a backup operation was successful or when using the path of a non existent file, the returned status is failed.

nvd CVSS4.0 5.3

Vulnerability type

CWE-22 Path Traversal

https://www.abdulmhsblog.com/posts/sfx2100-vulns/