CVE-2019-11327

An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product has a local file inclusion vulnerability. An attacker with administrative privileges can craft a special URL to read arbitrary files from the device's files system.

CVSS v3 4.9 MEDIUM
CVSS v2.0 4.0 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://mezdanak.de/2019/06/21/iot-full-disclosure-topcon-positioning-net-g5-receiver/	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:topcon:net-g5_firmware:5.2.2:*:*:*:*:*:*:*

cpe:2.3:h:topcon:net-g5:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-09-20 19:15

Updated : 2019-09-23 17:30

NVD link : CVE-2019-11327

Mitre link : CVE-2019-11327

CVE.ORG link : CVE-2019-11327

JSON object : View

Products Affected

topcon

net-g5_firmware
net-g5

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2019-11327", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.2}]}, "published": "2019-09-20T19:15:11.610", "references": [{"url": "https://mezdanak.de/2019/06/21/iot-full-disclosure-topcon-positioning-net-g5-receiver/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver devices with firmware 5.2.2. The web interface of the product has a local file inclusion vulnerability. An attacker with administrative privileges can craft a special URL to read arbitrary files from the device's files system."}, {"lang": "es", "value": "Se detect\u00f3 un problema en los dispositivos Topcon Positioning Net-G5 GNSS Receiver con versi\u00f3n de firmware 5.2.2. La interfaz web del producto presenta una vulnerabilidad de inclusi\u00f3n de archivos local. Un atacante con privilegios administrativos puede dise\u00f1ar una URL especial para leer archivos arbitrarios del sistema de archivos del dispositivo."}], "lastModified": "2019-09-23T17:30:02.800", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:topcon:net-g5_firmware:5.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CFEFC2C-437F-4DEF-B719-6DAD6CA84A7F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:topcon:net-g5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4E6938C5-430F-41A6-AEE0-40E460D1C94A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}