HIGH · 8.0

CVE-2018-19978


Vulnerability Description

A buffer overflow vulnerability in the DHCP and PPPOE configuration interface of the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows a remote attacker (authenticated as simple user in the same network as the device) to trigger remote code execution via a POST request (ManufacturerName parameter) to the web server on the device. The web server is running with root privileges and the injected code will also run with root privileges.

CVSS Score

8.0

HIGH

CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: ADJACENT_NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH

Affected Products

Vendor | Product | Versions
Auerswald | Comfortel 1200 Ip Firmware | 3.4.4.1-10589
Auerswald | Comfortel 1200 Ip | -

Related Weaknesses (CWE)

References

FAQ

What is CVE-2018-19978?

CVE-2018-19978 is a vulnerability with a CVSS score of 8.0 (HIGH). A buffer overflow vulnerability in the DHCP and PPPOE configuration interface of the Auerswald COMfort 1200 IP phone 3.4.4.1-10589 allows a remote attacker (authenticated as simple user in the same ne...

How severe is CVE-2018-19978?

CVE-2018-19978 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for a detailed severity breakdown.

Is there a patch for CVE-2018-19978?

Check the references section above for vendor advisories and patch information. Affected products include: Auerswald Comfortel 1200 Ip Firmware, Auerswald Comfortel 1200 Ip.