Vulnerability Description
An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When combined with an OS command injection vulnerability within the XML Parsing logic of the firmware update process, an attacker would be able to gain code execution on any device that attempted to update. Note that by default all devices tested had automatic updates enabled.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linkplay | Linkplay | - |
Related Weaknesses (CWE)
References
- https://labs.f-secure.com/advisories/linkplay-firmware-wanlan-remote-code-executExploitThird Party Advisory
- https://labs.mwrinfosecurity.com/advisories/Third Party Advisory
- https://linkplay.com/featured-products/Product
- https://labs.f-secure.com/advisories/linkplay-firmware-wanlan-remote-code-executExploitThird Party Advisory
- https://labs.mwrinfosecurity.com/advisories/Third Party Advisory
- https://linkplay.com/featured-products/Product
FAQ
What is CVE-2019-15310?
CVE-2019-15310 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain f...
How severe is CVE-2019-15310?
CVE-2019-15310 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-15310?
Check the references section above for vendor advisories and patch information. Affected products include: Linkplay Linkplay.