GoAhead System.ini Leak

Medium Nessus Plugin ID 102174

Synopsis

The remote server is vulnerable to an information leak that could allow a remote attacker to learn the admin username and password

Description

The remote server uses a version of GoAhead that allows a remote unauthenticated attacker to download the system.ini file. This file contains credentials to the web interface, ftp interface, and others.

Solution

If possible, update the device's firmware and ensure that the HTTP server is not accessible via the internet.

See Also

http://www.nessus.org/u?ad0d0c84

https://pierrekim.github.io/advisories/2017-goahead-camera-0x00.txt

Plugin Details

Severity: Medium

ID: 102174

File Name: goahead_password_leak.nasl

Version: 1.6

Type: remote

Family: CGI abuses

Published: 2017/08/03

Modified: 2018/06/14

Dependencies: 10107

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

CVSSv3

Base Score: 5.3

Temporal Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X

Vulnerability Information

Required KB Items: www/goahead

Exploited by Nessus: true

Vulnerability Publication Date: 2017/03/17

Reference Information

CVE: CVE-2017-8225