CVE-2017-9383
Description
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/port_3480". It seems that the UPnP services provide "wget" as one of the service actions for a normal user to connect the device to an external website. It retrieves the parameter "URL" from the query string and then passes it to an internal function that uses the curl module on the device to retrieve the contents of the website.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
VeraEdge and Veralite routers allow unauthenticated attackers to force the device to fetch arbitrary URLs via the UPnP wget action, enabling SSRF or file retrieval.
Vulnerability
The UPnP service on VeraEdge firmware 1.7.19 and Veralite firmware 1.7.481 exposes a wget action on port 3480 (also accessible via port 80 at /port_3480). This action accepts a URL parameter from the query string and passes it to an internal function that uses the curl module to retrieve the contents of the specified website. No authentication is required to trigger this action [1][2].
Exploitation
An attacker can send a crafted HTTP request to the UPnP endpoint (port 3480 or /port_3480 on port 80) with a URL parameter pointing to an attacker-controlled server or internal resource. The device will then fetch that URL using curl, allowing the attacker to observe the request (e.g., via a web server log) or potentially cause the device to interact with internal network services.
Impact
Successful exploitation allows an unauthenticated attacker to force the device to make outbound HTTP requests to arbitrary destinations. This can be used for server-side request forgery (SSRF) to probe internal networks, exfiltrate data, or download malicious content onto the device. The attacker does not need any prior access or authentication.
Mitigation
As of the publication date (2019-06-17), no official patch or firmware update has been released to address this vulnerability. Users are advised to restrict access to the UPnP service by blocking port 3480 and the /port_3480 path on the WAN interface, or to disable UPnP entirely if not required. The devices may be end-of-life; consider replacing them with supported hardware.
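A defender-side check to go with the mitigation above, as an added example that is not part of the original record or any vendor code: it scans access-log lines from a proxy or gateway in front of the device for requests that reach `/port_3480` (or the port 3480 listener), carry "wget" as a query value together with a URL parameter, and labels the destination the device was told to fetch. The combined-log format, the `/example` path and the `action` parameter name are constructed placeholders, not the device's real request format.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed access-log lines. The "/example" path and the "action" parameter
# name are placeholders; only "wget", "URL" and "/port_3480" come from the advisory.
SAMPLE_LOG = """\
203.0.113.7 - - [17/Jun/2019:10:01:02 +0000] "GET /port_3480/example?action=wget&URL=http%3A%2F%2F192.168.1.1%2Fadmin HTTP/1.1" 200 512
203.0.113.7 - - [17/Jun/2019:10:01:09 +0000] "GET /port_3480/example?action=wget&url=file%3A%2F%2F%2Fetc%2Fhostname HTTP/1.1" 200 12
192.168.1.50 - - [17/Jun/2019:10:02:00 +0000] "GET /port_3480/example?action=status HTTP/1.1" 200 88
198.51.100.9 - - [17/Jun/2019:10:03:30 +0000] "GET /port_3480/example?action=WGET&URL=http%3A%2F%2Fcollector.example%2Fx HTTP/1.1" 200 0
192.168.1.50 - - [17/Jun/2019:10:04:00 +0000] "GET /other?action=wget&URL=http%3A%2F%2Fexample.org HTTP/1.1" 200 300
"""
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def classify(url):
    """Label the destination the device was asked to fetch."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ("http", "https"):
        return "non-http-scheme"
    host = parts.hostname or ""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Hostname, not a literal address; not resolved here so the check runs offline.
        return "internal-target" if host == "localhost" else "external-target"
    return "external-target" if ip.is_global else "internal-target"


def find_wget_requests(log_text, listener_is_3480=False):
    """Return (client, url, label) for each request that invokes the wget action."""
    hits = []
    for line in log_text.splitlines():
        if (m := REQUEST.match(line)) is None:
            continue
        client, target = m.groups()
        parts = urlsplit(target)
        # On port 80 only the /port_3480 prefix reaches the UPnP service.
        if not listener_is_3480 and not parts.path.startswith("/port_3480"):
            continue
        params = parse_qsl(parts.query, keep_blank_values=True)
        if not any(v.lower() == "wget" for _, v in params):
            continue
        hits += [(client, v, classify(v)) for k, v in params if k.lower() == "url"]
    return hits


if __name__ == "__main__":
    print(*find_wget_requests(SAMPLE_LOG), sep="\n")
```

Pass `listener_is_3480=True` when the log comes from the port 3480 listener itself, where every path reaches the UPnP service.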
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Vera/VeraEdge
  - Range: = 1.7.481
Patches
No patches discovered yet.
References
- packetstormsecurity.com/files/153242/Veralite-Veraedge-Router-XSS-Command-Injection-CSRF-Traversal.html (mitre, x_refsource_MISC)
- github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Vera_sec_issues.pdf (mitre, x_refsource_MISC)
- seclists.org/bugtraq/2019/Jun/8 (mitre, mailing-list, x_refsource_BUGTRAQ)