Description

An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI <=6.x within the GetImage functionality. The application parses user supplied data in the GET parameter 'host' to construct an image request to the service through onvif.cgi. Since no validation is carried out on the parameter, an attacker can specify an external domain and force the application to make an HTTP request to an arbitrary destination host.

Related CPE's

o

inim

smartliving_505_firmware

-

Vulnerable

h

inim

smartliving_505

-

o

inim

smartliving_515_firmware

-

Vulnerable

h

inim

smartliving_515

-

o

inim

smartliving_1050_firmware

-

Vulnerable

h

inim

smartliving_1050

-

o

inim

smartliving_1050g3_firmware

-

Vulnerable

h

inim

smartliving_1050g3

-

o

inim

smartliving_10100l_firmware

-

Vulnerable

h

inim

smartliving_10100l

-

o

inim

smartliving_10100lg3_firmware

-

Vulnerable

h

inim

smartliving_10100lg3

-

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/172839

Third Party AdvisoryVDB Entry

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5545.php

ExploitThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-918

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

7.5 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-04-29T15:15:10.537

4 years ago

Last modified

2021-05-05T17:56:20.190

4 years ago