VYPR
Critical severity9.8NVD Advisory· Published Jun 17, 2019· Updated Jun 17, 2026

CVE-2017-9385

CVE-2017-9385

Description

An issue was discovered on Vera Veralite 1.7.481 devices. The device has an additional OpenWRT interface in addition to the standard web interface which allows the highest privileges a user can obtain on the device. This web interface uses root as the username and the password in the /etc/cmh/cmh.conf file which can be extracted by an attacker using a directory traversal attack, and then log in to the device with the highest privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Vera/Veralitedescription
  • Vera/Veralitellm-fuzzy
    Range: = 1.7.481

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.