Vulnerability Description
Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microhardcorp | Ipn4G Firmware | 1.1.0 |
| Microhardcorp | Ipn4G | - |
| Microhardcorp | Ipn3Gb Firmware | 2.2.0 |
| Microhardcorp | Ipn3Gb | - |
| Microhardcorp | Ipn4Gb Firmware | 1.1.6 |
| Microhardcorp | Ipn4Gb | - |
| Microhardcorp | Bullet-3G Firmware | 1.2.0 |
| Microhardcorp | Bullet-3G | - |
| Microhardcorp | Vip4Gb Firmware | 1.1.6 |
| Microhardcorp | Vip4Gb | - |
| Microhardcorp | Vip4Gb Wifi-N Firmware | 1.1.6 |
| Microhardcorp | Vip4Gb Wifi-N | - |
| Microhardcorp | Bullet-Lte Firmware | 1.2.0 |
| Microhardcorp | Bullet-Lte | - |
| Microhardcorp | Ipn3Gii Firmware | 1.2.0 |
| Microhardcorp | Ipn3Gii | - |
| Microhardcorp | Ipn4Gii Firmware | 1.2.0 |
| Microhardcorp | Ipn4Gii | - |
| Microhardcorp | Bulletplus Firmware | 1.3.0 |
| Microhardcorp | Bulletplus | - |
Related Weaknesses (CWE)
References
- http://www.microhardcorp.comProduct
- https://www.exploit-db.com/exploits/45041Exploit
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5486.phpExploitThird Party Advisory
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5486.phpExploitThird Party Advisory
FAQ
What is CVE-2018-25143?
CVE-2018-25143 is a vulnerability with a CVSS score of 8.8 (HIGH). Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' comma...
How severe is CVE-2018-25143?
CVE-2018-25143 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-25143?
Check the references section above for vendor advisories and patch information. Affected products include: Microhardcorp Ipn4G Firmware, Microhardcorp Ipn4G, Microhardcorp Ipn3Gb Firmware, Microhardcorp Ipn3Gb, Microhardcorp Ipn4Gb Firmware.