CVE-2019-9117 — CRITICAL (9.8)

Vulnerability Description

An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root shell. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 POST request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body for the SetNetworkTomographySettings API function, as demonstrated by shell metacharacters in the tomography_ping_number field.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Motorola	M2 Firmware	1.07
Motorola	M2	-
Motorola	C1 Firmware	1.01
Motorola	C1	-

Related Weaknesses (CWE)

CWE-78

References

https://github.com/lieanu/vuls/blob/master/motorola/M2_C1/SetNetworkTomographySeExploitThird Party Advisory
https://github.com/lieanu/vuls/blob/master/motorola/M2_C1/SetNetworkTomographySeExploitThird Party Advisory

FAQ

What is CVE-2019-9117?

CVE-2019-9117 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively. This issue is a Command Injection allowing a remote attacker to execute arbitrary code, and get a root s...

How severe is CVE-2019-9117?

CVE-2019-9117 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2019-9117?

Check the references section above for vendor advisories and patch information. Affected products include: Motorola M2 Firmware, Motorola M2, Motorola C1 Firmware, Motorola C1.