CVE-2018-18473 : Security Advisory and Response

Discover how attackers exploit a hidden backdoor in PATLITE NH-FB, NH-FV, and NBM Series devices to activate an SSH daemon, execute remote code, and seize system control. Learn mitigation steps.

A concealed vulnerability in PATLITE NH-FB Series, NH-FV Series, and NBM Series devices allows attackers to activate an SSH daemon and execute remote code.

Understanding CVE-2018-18473

This CVE discloses a hidden backdoor in specific PATLITE devices that can be exploited by attackers to gain unauthorized access and control.

What is CVE-2018-18473?

Attackers can leverage a secret URI and default passwords to activate an SSH daemon, leading to remote code execution and system compromise.

The Impact of CVE-2018-18473

This vulnerability enables attackers to take over compromised systems, posing a significant security risk to affected devices.

Technical Details of CVE-2018-18473

This section provides detailed technical insights into the vulnerability.

Vulnerability Description

        Exploitable backdoor in PATLITE NH-FB, NH-FV, and NBM Series devices
        Allows unauthorized activation of the SSH daemon
        Enables remote code execution and system control

Affected Systems and Versions

        PATLITE NH-FB Series devices with firmware version 1.45 or older
        NH-FV Series devices with firmware version 1.10 or older
        NBM Series devices with firmware version 1.09 or older

Exploitation Mechanism

        Accessing the _secret1.htm URI with specific passwords activates the SSH daemon
        Default root account password
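
An added example (not part of the original advisory and not vendor code): a Python triage helper that flags inventory entries at or below the firmware versions listed above and finds requests for the _secret1.htm page in web access logs. The inventory tuples, the Common Log Format lines, and all function names are constructed assumptions, and firmware versions are assumed to be dotted integers.

```python
import re
from urllib.parse import unquote, urlsplit

# Highest affected firmware per series, as listed in the advisory above.
LAST_AFFECTED = {"NH-FB": (1, 45), "NH-FV": (1, 10), "NBM": (1, 9)}
BACKDOOR_PAGE = "_secret1.htm"  # URI named in the advisory
# Common Log Format: client ident user [time] "METHOD target PROTO" status
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3})')

def parse_version(text):
    """'1.09' -> (1, 9). Assumption: versions are dotted integers."""
    return tuple(int(part) for part in text.strip().split("."))

def is_affected(series, firmware):
    """True when the series is listed and firmware is at or below the listed version."""
    limit = LAST_AFFECTED.get(series.upper())
    return limit is not None and parse_version(firmware) <= limit

def backdoor_hits(log_lines):
    """Return (client, status) for each request whose path ends in the backdoor page."""
    hits = []
    for line in log_lines:
        m = CLF.match(line)
        if not m:
            continue
        client, _method, target, status = m.groups()
        # Drop the query string, decode percent-escapes, fold case before comparing.
        path = unquote(urlsplit(target).path).lower()
        if path.rsplit("/", 1)[-1] == BACKDOOR_PAGE:
            hits.append((client, int(status)))
    return hits

# Constructed sample data (documentation IP ranges, not from a real network).
SAMPLE_INVENTORY = [("NH-FB", "1.45"), ("NH-FV", "1.11"), ("NBM", "1.9"), ("NBM", "1.10")]
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2019:10:00:00 +0000] "GET /index.htm HTTP/1.1" 200',
    '198.51.100.7 - - [01/Jan/2019:10:00:05 +0000] "GET /_secret1.htm HTTP/1.1" 200',
    '198.51.100.7 - - [01/Jan/2019:10:00:09 +0000] "POST /%5Fsecret1.htm?x=1 HTTP/1.1" 200',
    '203.0.113.4 - - [01/Jan/2019:10:01:00 +0000] "GET /secret1.htm HTTP/1.1" 404',
]

if __name__ == "__main__":
    for series, fw in SAMPLE_INVENTORY:
        print(series, fw, "AFFECTED" if is_affected(series, fw) else "ok")
    for client, status in backdoor_hits(SAMPLE_LOG):
        print("backdoor page requested by", client, "status", status)
```

Any hit against a device on the affected list warrants checking whether its SSH service is now listening.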
