Exagrid Backup Appliance Firmware 48.1.1044.p50 Directory traversal Vulnerability

Summary

ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monitor/data/Upgrade/ directory traversal vulnerability, which allows remote attackers to view and retrieve verbose logging information. 

Credit:

The information has been provided by Jeremy Trinka

The original article can be found at: https://exagrid.com/exagrid-products/resources/


Details

The Exagrid backup appliance at version 4.8.1.1044.P50 suffers from a directory traversal vulnerability at “http://EXAGRID_IP/monitor/data/Upgrade/” (case sensitive) which allows unauthenticated access to detailed log files. Active “support” credentials were found within these logs in Base64 encoded format.

The credentials were confirmed as used to facilitate upgrades on the appliance through a series of Perl scripts. The execution of one such script dumps the encoded credentials into the log file “progress.log” within this directory. These ‘support’ credentials allow for administrative level access to the appliance and its data once decoded.

Vulnerable Systems:

  • Exagrid Backup Appliance Firmware 48.1.1044.p50

CVE Information:

CVE-2019-12310

Disclosure Timeline:
Publish Date:06/03/2019

Categories: News