CVE-2018-25145
Configuration File Disclosure in Microhard IPn4G
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| microhard_systems | ipn4g | 1.1.0 |
| microhard_systems | ipn4g | * |
| microhard_systems | ipn4gb | * |
| microhard_systems | vip4gb | * |
| microhard_systems | dragon-lte | * |
| microhard_systems | bullet-3g | * |
| microhard_systems | ipn3gb | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-552 | The product makes files or directories accessible to unauthorized actors, even though they should not be. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2018-25145 is a vulnerability in Microhard Systems IPn4G and other related 3G/4G cellular gateway devices that allows authenticated attackers to download sensitive system configuration files. These files, located in directories such as '/', '/www/cgi-bin/', '/etc/m_cli/', and '/tmp', contain critical information like system passwords, user credentials, network settings, and device configurations. By exploiting this vulnerability, attackers can access backup configuration files (e.g., 'IPn4G.config') and CLI configuration files ('cli.conf'), which can lead to authentication bypass, privilege escalation, and potentially full system compromise. [1, 2]
How can this vulnerability impact me? :
This vulnerability can have serious impacts including disclosure of sensitive information such as system passwords, user credentials, VPN and SNMP authentication details. With this information, an attacker can bypass authentication mechanisms, escalate privileges, and potentially take full control of the affected device. This can lead to unauthorized access to network infrastructure, disruption of services, and compromise of connected systems. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to download sensitive configuration files from the affected Microhard Systems devices using authenticated HTTP requests. For example, using curl with valid admin credentials to request files such as '/IPn4G.config', '/www/cgi-bin/system.conf', '/tmp/cli.conf', or '/etc/m_cli/cli.conf'. A sample command to test access could be: curl -u admin:password https://<device-ip>/IPn4G.config -k. Successful retrieval of these files indicates the vulnerability is present. [2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows authenticated attackers to download sensitive system configuration files containing passwords and network settings, which can lead to unauthorized access and potential full system compromise. Such exposure of sensitive information can result in non-compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and secure system configurations to prevent unauthorized access and data breaches. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting authenticated user access to sensitive configuration files by implementing stricter access controls, disabling unnecessary file download functionalities, and monitoring for unauthorized access attempts. Additionally, update device firmware if patches are available, and change all exposed passwords and credentials found in configuration files to prevent further compromise. [1, 2]