CVE-2018-25148
Unknown Unknown - Not Provided

Authenticated Remote Code Execution in Microhard IPn4G Admin Interface

Vulnerability report for CVE-2018-25148, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: VulnCheck

Description

Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities in the admin interface that allow attackers to create crontab jobs and modify system startup scripts. Attackers can exploit hidden admin features to execute arbitrary commands with root privileges, including starting services, disabling firewalls, and writing files to the system.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-07-06
AI Q&A
2025-12-24
EPSS Evaluated
2026-07-04
NVD
EUVD

Affected Vendors & Products

Showing 5 associated CPEs
Vendor Product Version / Range
microhard_systems ipn4g 1.1.0
microhard_systems ipn3gb 2.2.0
microhard_systems vip4gb 1.1.6
microhard_systems dragon-lte 1.1.0
microhard_systems bullet-3g 1.2.0

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-266 A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability affects Microhard Systems IPn4G and related 3G/4G Cellular Ethernet and Serial Gateway devices. It involves multiple authenticated remote code execution flaws in the administrative interface, where attackers who have valid credentials can exploit hidden and undocumented features to create or modify crontab jobs and system startup scripts. This allows them to execute arbitrary commands with root privileges, effectively gaining full control over the device remotely. [1, 2]

Impact Analysis

If exploited, this vulnerability allows an attacker with authenticated access to execute arbitrary commands as the root user on the affected device. This can lead to a complete compromise of the device, including starting unauthorized services, disabling firewalls, writing files to the system, and potentially taking full control of the device and its network communications. [1, 2]

Detection Guidance

Detection can involve checking for unauthorized or suspicious crontab entries and modifications to system startup scripts on the affected devices. For example, you can inspect crontab jobs by running commands like `crontab -l` or checking system-wide crontabs in `/etc/crontab` and `/etc/cron.*` directories. Additionally, reviewing the contents of system startup scripts such as `/etc/init.d/firewall` or other startup files for unexpected changes can help. Monitoring web server logs for POST requests to endpoints like `/cgi-bin/webif/system-crontabs.sh` or `/cgi-bin/webif/system-startup.sh` may reveal exploitation attempts. Specific commands to detect suspicious activity include: `crontab -l`, `cat /etc/crontab`, `grep -r 'pwn.txt' /www/`, and reviewing web server access logs for POST requests to the mentioned CGI scripts. [2]

Mitigation Strategies

Immediate mitigation steps include restricting authenticated access to the administrative interface to trusted users only, applying network-level access controls such as firewall rules to limit access to the device management interfaces, and monitoring for suspicious activity such as unauthorized crontab entries or startup script modifications. If possible, update the device firmware to a version that addresses these vulnerabilities. If no patch is available, consider disabling or restricting the vulnerable administrative web interface features. Additionally, changing default credentials and enforcing strong authentication can reduce the risk of exploitation. [1, 2]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25148. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart