CVE-2017-9386
Description
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a script file called "get_file.sh" which allows a user to retrieve any file stored in the "cmh-ext" folder on the device. However, the "filename" parameter is not validated correctly, and this allows an attacker to traverse outside the /cmh-ext folder and read any file on the device. The "cmh-ext" folder must first exist on the device; an attacker can create it without authentication and then carry out the directory traversal attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Directory traversal in VeraEdge and Veralite get_file.sh allows unauthenticated attackers to read any file on the device.
Vulnerability
An issue exists in the get_file.sh script on Vera VeraEdge version 1.7.19 and Veralite version 1.7.481. The script is intended to retrieve files from the /cmh-ext folder, but the filename parameter is not validated. This allows an attacker to perform directory traversal attacks outside the intended folder. Note that the attacker must first create the /cmh-ext folder on the device, which can be done without authentication [1].
Exploitation
An attacker with network access to the device can exploit this vulnerability by first creating the /cmh-ext folder on the device (e.g., via an unauthenticated command). Then, the attacker sends a request to get_file.sh with a crafted filename parameter containing directory traversal sequences (e.g., ../) to navigate outside /cmh-ext and read arbitrary files on the device [1].
Impact
Successful exploitation allows an unauthenticated attacker to read any file on the device, leading to information disclosure. This compromises the confidentiality of sensitive data stored on the device [1].
Mitigation
As of the publication date, no official patch has been disclosed in the available references. Users are advised to restrict network access to the device and monitor for firmware updates from the vendor [1].
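A containment check of the kind get_file.sh lacks, written as an added example (not vendor code and not taken from the cited references): it canonicalises the requested name and accepts it only if it resolves to a regular file under the base folder. The function name resolve_in_base and its arguments are assumptions; /cmh-ext is the folder named in the description.

```shell
#!/bin/sh
# Added example, not vendor code. resolve_in_base is a hypothetical helper.
# Usage: resolve_in_base BASE NAME
#   BASE  directory files may be served from (e.g. /cmh-ext)
#   NAME  untrusted value of the "filename" parameter
# Prints the canonical path and returns 0 only when NAME is a regular
# file inside BASE; returns 1 for anything else.
resolve_in_base() {
    base=$1
    name=$2

    # Reject empty names and absolute paths.
    case $name in
        ''|/*) return 1 ;;
    esac
    # Reject any ".." path component (leading, middle or trailing).
    case "/$name/" in
        */../*) return 1 ;;
    esac

    # Canonicalise the base; fail closed if it does not exist.
    base_real=$(cd -- "$base" 2>/dev/null && pwd -P) || return 1

    # Canonicalise the requested file's directory, resolving symlinks.
    dir_part=$(dirname -- "$name")
    file_part=$(basename -- "$name")
    dir_real=$(cd -- "$base_real/$dir_part" 2>/dev/null && pwd -P) || return 1

    # The resolved directory must be the base itself or lie beneath it.
    case "$dir_real/" in
        "$base_real"/*) ;;
        *) return 1 ;;
    esac

    # The final component must be a regular file and not a symlink.
    target="$dir_real/$file_part"
    [ -f "$target" ] && [ ! -L "$target" ] || return 1
    printf '%s\n' "$target"
}
```

The string test on ".." alone is not enough, which is why the directory is also resolved with `pwd -P`: a symlink inside the base folder would otherwise lead outside it without any "../" in the request.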
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Vera/VeraEdge
- Range: = 1.7.481
Patches
No patches discovered yet.
References
- packetstormsecurity.com/files/153242/Veralite-Veraedge-Router-XSS-Command-Injection-CSRF-Traversal.html (mitre, x_refsource_MISC)
- github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Vera_sec_issues.pdf (mitre, x_refsource_MISC)
- seclists.org/bugtraq/2019/Jun/8 (mitre, mailing-list, x_refsource_BUGTRAQ)