CVE-2018-25146
Unknown Unknown - Not Provided
Undocumented Process Control Vulnerability in Microhard IPn4G Causes Service Disruption

Publication date: 2025-12-24

Last updated on: 2026-02-02

Assigner: VulnCheck

Description
Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and manipulate running system processes. Attackers can send arbitrary signals to kill background processes and system services through a hidden feature, potentially causing service disruption and requiring device restart.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-24
Last Modified
2026-02-02
Generated
2026-06-16
AI Q&A
2025-12-24
EPSS Evaluated
2026-06-14
NVD
CVE-2018-25146
Affected Vendors & Products
Showing 14 associated CPEs
Vendor Product Version / Range
microhard_systems ipn4g 1.1.0
microhard_systems ipn4gii *
linux kernel 2.6.32.9
microhard_systems ipn4gb *
microhard_systems vip4gb *
microhard_systems dragon-lte *
microhard_systems bullet-3g *
microhard_systems vip4g-wifi-n *
microhard_systems ipn3gii *
microhard_systems httpd-ssl 1.0.0
microhard_systems bullet-lte *
microhard_systems bulletplus *
microhard_systems vip4g *
microhard_systems ipn3gb *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-863 The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Microhard Systems IPn4G 1.1.0 and related devices, where an undocumented and hidden feature allows authenticated attackers to list running system processes and send arbitrary signals to terminate any background process, including critical system services. Attackers can exploit this via HTTP POST requests or Cross-Site Request Forgery (CSRF) to disrupt essential services, causing denial of service (DoS) and potentially requiring device restart or factory reset to recover. [1, 2]

Impact Analysis

The vulnerability can lead to denial of service (DoS) by allowing attackers to stop critical system services remotely, disrupting device availability and operational continuity. Exploitation can cause service disruption, forcing device restarts or factory resets, which impacts the reliability and uptime of industrial-grade wireless communication devices used in critical data transport for IoT and M2M applications. [1, 2]

Detection Guidance

This vulnerability can be detected by monitoring for unusual HTTP POST requests to the device's web interface, specifically targeting the endpoint /cgi-bin/webif/status-processes.sh. An authenticated attacker exploits this endpoint to list and manipulate running processes. Network traffic analysis tools can be used to detect such POST requests. Additionally, checking for unexpected termination of system services or processes on the device may indicate exploitation. Since the attack requires authentication, reviewing authentication logs for suspicious activity can also help detect attempts. Specific commands are not provided in the resources, but monitoring HTTP POST requests to the mentioned endpoint and reviewing system logs for process terminations are recommended. [1, 2]

Mitigation Strategies

Immediate mitigation steps include restricting access to the device's web interface to trusted users only, enforcing strong authentication mechanisms, and monitoring for suspicious activity such as unauthorized POST requests to /cgi-bin/webif/status-processes.sh. Since the vulnerability allows authenticated attackers to disrupt critical services, limiting user privileges and disabling unnecessary services can reduce risk. If exploitation occurs, recovery typically requires restarting the device or performing a factory reset to undo malicious changes. Applying any available firmware updates or patches from the vendor, if released, is also recommended. However, no specific patches are mentioned in the provided resources. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25146. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart