[Japanese]

JVNDB-2017-000044

CentreCOM AR260S V2 vulnerable to privilege escalation

Overview

CentreCOM AR260S V2 provided by Allied Telesis K.K. is a wired LAN router. CentreCOM AR260S V2 contains a privilege escalation vulnerability.

Ziv Chang of Trend Micro Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V3 Severity:
Base Metrics 8.0 (High) [IPA Score]
  • Attack Vector: Adjacent Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
CVSS V2 Severity:
Base Metrics 5.2 (Medium) [IPA Score]
  • Access Vector: Adjacent Network
  • Access Complexity: Low
  • Authentication: Single Instance
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
Affected Products


Allied Telesis
  • CentreCOM AR260S V2

Impact

Unintended operations may be performed with administrative privileges by a user who can log into the produt with "guest" account.
Solution

[Apply Workarounds]
The following workarounds may mitigate the impacts of this vulnerability.

* Change the password of the account "guest"
The default password of the account "guest" is publicly known. Change the password of the account "guest" immediately to prevent an unauthenticated attacker from logging into the product.

* Do not allow untrusted person to use the account "guest"
Once logged into the vulnerable product as "guest", this vulnerability can be exploited. Therefore do not allow untrusted person to use the "guest" account.

* Enable the Firewall protection
The product has a firewall protection, and it is enabled by default. Enable firewall to protect the product from unintended accesses from WAN side.
Vendor Information

Allied Telesis
CWE (What is CWE?)

  1. Permissions(CWE-264) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2017-2125
References

  1. JVN : JVN#55121369
  2. National Vulnerability Database (NVD) : CVE-2017-2125
Revision History

  • [2017/03/30]
      Web page was published
    [2017/06/05]
      References : Content was added