CVE-2023-5142

H3C ER6300G2 Config File userLogin.asp path traversal

Severity Score

5.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the component Config File Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. VDB-240238 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Una vulnerabilidad clasificada como problemática fue encontrada en H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2 , ER3260G2, ER5100G2, ER5200G2 y ER6300G2 hasta 20230908. Esta vulnerabilidad afecta a código desconocido del archivo /userLogin.asp del componente Config File Handler. La manipulación conduce al recorrido del camino. El ataque se puede iniciar de forma remota. La complejidad de un ataque es bastante alta. La explotación parece difícil. El exploit ha sido divulgado al público y puede utilizarse. VDB-240238 es el identificador asignado a esta vulnerabilidad. NOTA: Se contactó primeramente con el proveedor sobre esta divulgación, pero no respondió de ninguna manera.

In H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 bis 20230908 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei /userLogin.asp der Komponente Config File Handler. Durch das Beeinflussen mit unbekannten Daten kann eine path traversal-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Die Komplexität eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur öffentlichen Verfügung.

*Credits: yinsel975

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

Attack Vector

Network

Attack Complexity

High

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2023-09-24 CVE Reserved
2023-09-24 CVE Published
2024-08-02 CVE Updated
2024-08-02 First Exploit
2024-10-26 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CAPEC

References (3)

URL	Tag	Source
https://vuldb.com/?id.240238	Technical Description

URL	Date	SRC
https://github.com/CJCniubi666/H3C-ER/blob/main/README.md	2024-08-02
https://github.com/yinsel/CVE-H3C-Report	2024-08-02

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
H3c Search vendor "H3c"	Gr-1100-p Firmware Search vendor "H3c" for product "Gr-1100-p Firmware"	<= 20230908 Search vendor "H3c" for product "Gr-1100-p Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Gr-1100-p Search vendor "H3c" for product "Gr-1100-p"	-	-	Safe
H3c Search vendor "H3c"	Gr-1108-p Firmware Search vendor "H3c" for product "Gr-1108-p Firmware"	<= 20230908 Search vendor "H3c" for product "Gr-1108-p Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Gr-1108-p Search vendor "H3c" for product "Gr-1108-p"	-	-	Safe
H3c Search vendor "H3c"	Gr-1200w Firmware Search vendor "H3c" for product "Gr-1200w Firmware"	<= 20230908 Search vendor "H3c" for product "Gr-1200w Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Gr-1200w Search vendor "H3c" for product "Gr-1200w"	-	-	Safe
H3c Search vendor "H3c"	Gr-1800ax Firmware Search vendor "H3c" for product "Gr-1800ax Firmware"	<= 20230908 Search vendor "H3c" for product "Gr-1800ax Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Gr-1800ax Search vendor "H3c" for product "Gr-1800ax"	-	-	Safe
H3c Search vendor "H3c"	Gr-2200 Firmware Search vendor "H3c" for product "Gr-2200 Firmware"	<= 20230908 Search vendor "H3c" for product "Gr-2200 Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Gr-2200 Search vendor "H3c" for product "Gr-2200"	-	-	Safe
H3c Search vendor "H3c"	Gr-3200 Firmware Search vendor "H3c" for product "Gr-3200 Firmware"	<= 20230908 Search vendor "H3c" for product "Gr-3200 Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Gr-3200 Search vendor "H3c" for product "Gr-3200"	-	-	Safe
H3c Search vendor "H3c"	Gr-5200 Firmware Search vendor "H3c" for product "Gr-5200 Firmware"	<= 20230908 Search vendor "H3c" for product "Gr-5200 Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Gr-5200 Search vendor "H3c" for product "Gr-5200"	-	-	Safe
H3c Search vendor "H3c"	Gr-8300 Firmware Search vendor "H3c" for product "Gr-8300 Firmware"	<= 20230908 Search vendor "H3c" for product "Gr-8300 Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Gr-8300 Search vendor "H3c" for product "Gr-8300"	-	-	Safe
H3c Search vendor "H3c"	Er3260g2 Firmware Search vendor "H3c" for product "Er3260g2 Firmware"	<= 20230908 Search vendor "H3c" for product "Er3260g2 Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Er3260g2 Search vendor "H3c" for product "Er3260g2"	-	-	Safe
H3c Search vendor "H3c"	Er5200g2 Firmware Search vendor "H3c" for product "Er5200g2 Firmware"	<= 20230908 Search vendor "H3c" for product "Er5200g2 Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Er5200g2 Search vendor "H3c" for product "Er5200g2"	-	-	Safe
H3c Search vendor "H3c"	Er3200g2 Firmware Search vendor "H3c" for product "Er3200g2 Firmware"	<= 20230908 Search vendor "H3c" for product "Er3200g2 Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Er3200g2 Search vendor "H3c" for product "Er3200g2"	-	-	Safe
H3c Search vendor "H3c"	Er2100n Firmware Search vendor "H3c" for product "Er2100n Firmware"	<= 20230908 Search vendor "H3c" for product "Er2100n Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Er2100n Search vendor "H3c" for product "Er2100n"	-	-	Safe
H3c Search vendor "H3c"	Er6300g2 Firmware Search vendor "H3c" for product "Er6300g2 Firmware"	<= 20230908 Search vendor "H3c" for product "Er6300g2 Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Er6300g2 Search vendor "H3c" for product "Er6300g2"	-	-	Safe
H3c Search vendor "H3c"	Er5100g2 Firmware Search vendor "H3c" for product "Er5100g2 Firmware"	<= 20230908 Search vendor "H3c" for product "Er5100g2 Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Er5100g2 Search vendor "H3c" for product "Er5100g2"	-	-	Safe
H3c Search vendor "H3c"	Er2200g2 Firmware Search vendor "H3c" for product "Er2200g2 Firmware"	<= 20230908 Search vendor "H3c" for product "Er2200g2 Firmware" and version " <= 20230908"	-	Affected	in	H3c Search vendor "H3c"	Er2200g2 Search vendor "H3c" for product "Er2200g2"	-	-	Safe