CVE-2024-39178

Vulnerability

Overview

CVE-2024-39178 affects the MyPower vc8100 router firmware version V100R001C00B030. The vulnerability is an arbitrary file read issue caused by insecure permissions in the /tcpdump/tcpdump.php?menu_uuid component. The script fails to properly restrict the files that can be accessed via the menu_uuid parameter, allowing an attacker to read arbitrary files on the device's filesystem [1].

Exploitability

The attack vector is through HTTP requests to the vulnerable endpoint. The prerequisites for exploitation are low; no authentication is required, and the attack can be performed over the network. An attacker simply sends a crafted request to /tcpdump/tcpdump.php?menu_uuid with a path traversal sequence or absolute path to read sensitive files [1]. This makes the vulnerability easy to exploit remotely without needing prior access.

Impact

Successful exploitation allows an unauthenticated remote attacker to read any file on the device that the web server process has access to. This includes sensitive configuration files, credentials, or other system data, potentially leading to further compromise of the device or network [1].

Mitigation

As of the publication date (2024-07-05), no official patch has been announced. The vendor has not released a fix, and the device may be end-of-life or unsupported. Administrators should consider restricting network access to the management interface, applying virtual patching via Web Application Firewalls, or replacing the device if possible [1].