Published:2017/03/30 Last Updated:2017/04/20
JVN#55121369
CentreCOM AR260S V2 vulnerable to privilege escalation
Overview
CentreCOM AR260S V2 contains a privilege escalation vulnerability.
Products Affected
- CentreCOM AR260S V2
Description
CentreCOM AR260S V2 provided by Allied Telesis K.K. is a wired LAN router. CentreCOM AR260S V2 contains a privilege escalation vulnerability.
Impact
Unintended operations may be performed with administrative privileges by a user who can log into the product with the "guest" account.
Solution
Apply Workarounds
The following workarounds may mitigate the impacts of this vulnerability.
- Change the password of the account "guest"
  The default password of the account "guest" is publicly known. Change the password of the account "guest" immediately to prevent an unauthenticated attacker from logging into the product.
- Do not allow untrusted persons to use the account "guest"
  Once logged into the vulnerable product as "guest", this vulnerability can be exploited. Therefore, do not allow untrusted persons to use the "guest" account.
- Enable the firewall protection
  The product has firewall protection, and it is enabled by default. Enable the firewall to protect the product from unintended access from the WAN side.
Vendor Status
Vendor | Status | Last Update | Vendor Notes
---|---|---|---
Allied Telesis K.K. | Vulnerable | 2017/03/30 | Allied Telesis K.K. website
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
CVSS v3
CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score: 8.0
Metric | Value
---|---
Attack Vector (AV) | Adjacent (A)
Attack Complexity (AC) | Low (L)
Privileges Required (PR) | Low (L)
User Interaction (UI) | None (N)
Scope (S) | Unchanged (U)
Confidentiality Impact (C) | High (H)
Integrity Impact (I) | High (H)
Availability Impact (A) | High (H)
CVSS v2
AV:A/AC:L/Au:S/C:P/I:P/A:P
Base Score: 5.2
Metric | Value
---|---
Access Vector (AV) | Adjacent Network (A)
Access Complexity (AC) | Low (L)
Authentication (Au) | Single (S)
Confidentiality Impact (C) | Partial (P)
Integrity Impact (I) | Partial (P)
Availability Impact (A) | Partial (P)
Credit
Ziv Chang of Trend Micro Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
Other Information
Source | Identifier
---|---
JPCERT Alert |
JPCERT Reports |
CERT Advisory |
CPNI Advisory |
TRnotes |
CVE | CVE-2017-2125
JVN iPedia | JVNDB-2017-000044
Update History
- 2017/04/20
  - Information under the section "Impact" was modified.