CVE-2019-6268

Path Traversal: 'dir\..\..\filename' (CWE-31)

Published: Mar 8, 2024 / Updated: 8mo ago

CVSS 7.5 (High) / EPSS 0.04%

Summary

RAD SecFlow-2 devices with Hardware 0202, Firmware 4.1.01.63, and U-Boot 2010.12 allow URIs beginning with /.. for Directory Traversal, as demonstrated by reading /etc/shadow.

Impact

This vulnerability allows attackers to read sensitive files on affected devices, potentially exposing critical system information. By exploiting this directory traversal flaw, an attacker could read files such as /etc/shadow, which contains hashed user passwords. This could lead to unauthorized access to user accounts and further compromise of the system.

Exploitation

There is no evidence that a public proof-of-concept exists. There is no evidence of proof of exploitation at the moment.

Patch

No patch is explicitly mentioned in the available information. The vulnerability is tied to specific hardware and firmware versions, which suggests an update may be necessary, but no concrete patch information is provided.

Mitigation

1. Update the firmware if a newer version becomes available that addresses this vulnerability.
2. Implement strict input validation for all user-supplied input, particularly for URIs.
3. Apply the principle of least privilege to limit access to sensitive files and directories.
4. Consider implementing additional access controls or security layers to protect sensitive system files.
5. Monitor and log access attempts to detect potential exploitation of this vulnerability.
6. If possible, disable or restrict access to the vulnerable URI handling functionality until a patch is available.
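
A log check for mitigation steps 2 and 5, as an added example that is not part of the original page or any vendor code: it flags requests whose path climbs above the web root after percent-decoding and backslash normalization. The Common Log Format input, the function names, and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request line inside a Common Log Format entry: "METHOD URI PROTOCOL" (assumed format)
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+"')

def escapes_root(uri, max_decode_rounds=3):
    """Return True if the URI path climbs above the document root."""
    path = uri.split("?", 1)[0].split("#", 1)[0]
    # Decode repeatedly (bounded) so single- and double-encoded dots are both seen.
    for _ in range(max_decode_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = path.replace("\\", "/")  # treat the CWE-31 backslash form like '/'
    depth = 0
    for segment in path.split("/"):
        if segment in ("", "."):
            continue
        if segment == "..":
            depth -= 1
            if depth < 0:  # stepped above the root at this point
                return True
        else:
            depth += 1
    return False

def scan(log_lines):
    """Return (source_ip, uri) for every logged request that escapes the root."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if match and escapes_root(match.group("uri")):
            hits.append((line.split(" ", 1)[0], match.group("uri")))
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:00:05 +0000] "GET /../../etc/shadow HTTP/1.1" 200 1024',
    '192.0.2.10 - - [01/Jan/2024:10:00:09 +0000] "GET /img/../css/site.css HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for ip, uri in scan(SAMPLE_LOG):
        print(f"traversal above web root from {ip}: {uri}")
```

The same `escapes_root` check can serve as the input-validation gate in a reverse proxy placed in front of the device: reject the request when it returns True, before the URI reaches the vulnerable handler.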

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Timeline

First Article

Feedly found the first article mentioning CVE-2019-6268.

Mar 5, 2024 at 4:49 PM / unSafe.sh - 不安全

CVSS Estimate

Feedly estimated the CVSS score as HIGH

Mar 6, 2024 at 4:14 AM

CVE Assignment

NVD published the first details for CVE-2019-6268

Mar 7, 2024 at 6:15 PM

EPSS

EPSS Score was set to: 0.04% (Percentile: 7.1%)

Mar 8, 2024 at 2:57 PM

Trending

This CVE started to trend in security discussions

Jun 25, 2024 at 1:08 PM

Trending

This CVE stopped trending in security discussions

Jun 25, 2024 at 1:24 PM

Trending

This CVE started to trend in security discussions

Jun 25, 2024 at 1:39 PM

Trending

This CVE stopped trending in security discussions

Jun 25, 2024 at 2:09 PM

CVSS

A CVSS base score of 7.5 has been assigned.

Aug 1, 2024 at 1:46 PM / nvd

Affected Systems

Denx/u-boot

News

Snowflake Breach Snowballs With More Victims
We know the list of Snowflake victims is long – at least 165 targets were caught up in the security failure, threat hunters at Mandiant reported recently – including, it’s believed after news broke this week, Australian ticketing provider Ticketek. US car part retailer Advance Auto Parts was also believed to be a Snowflake victim, which the company confirmed last week in a filing with the US Securities and Exchange Commission.
Review - Rabbit Hole Update – RAD Advisory Background
On Tuesday in my CISA advisory post on Substack, I included a down-the-rabbit-hole (DTRH) look at the delay between the apparent 2019 discovery (per the CVE number - CVE-2019-6268) of the path traversal vulnerability reported by CISA on Tuesday and the publication of an exploit earlier this year. I contacted Branko Milicevic, the researcher who originally identified the vulnerability and published the exploit, to find out the classic ‘rest of the story’. For more details about that ‘rest of the story’, see my article on CFSN Detailed Analysis - https://patrickcoyle.substack.com/p/rabbit-hole-update - subscription required.
CISA Issues New Advisory for Industrial Control Systems - CybersecurityNews
The advisory, issued on June 18, 2024, highlights a significant security flaw in RAD Data Communications’ SecFlow-2 devices, which could be exploited remotely with low attack complexity. The Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory concerning a critical vulnerability in industrial control systems (ICS).

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability Impact: None
