Detections
Analytics

GoAhead System.ini Leak

critical Nessus Plugin ID 102174

Language:

Synopsis

The remote server is vulnerable to an information leak that could allow a remote attacker to learn the admin username and password

Description

The remote server uses a version of GoAhead that allows a remote unauthenticated attacker to download the system.ini file. This file contains credentials to the web interface, ftp interface, and others.

Solution

If possible, update the device's firmware and ensure that the HTTP server is not accessible via the internet.

See Also

http://www.nessus.org/u?ad0d0c84

https://pierrekim.github.io/advisories/2017-goahead-camera-0x00.txt

Plugin Details

Severity: Critical

ID: 102174

File Name: goahead_password_leak.nasl

Version: 1.7

Type: remote

Family: CGI abuses

Published: 8/3/2017

Updated: 11/12/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2017-8225

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:U/RC:X

Vulnerability Information

Required KB Items: www/goahead

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 3/17/2017

Reference Information

CVE: CVE-2017-8225