CVE-2018-25145

High CVSS: 7.1

Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows authenticated attackers to download sensitive system configuration files. Attackers can retrieve configuration files from multiple directories including '/www', '/etc/m_cli/', and '/tmp' to access system passwords and network settings.

Vendor

Microhardcorp

Product

Ipn4g Firmware

CWE

CWE-552

Yayın Tarihi

2025-12-24 20:15:48

Güncelleme

2026-01-26 19:50:16

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-552 Ipn4g Firmware HIGH Microhardcorp 2025

Referanslar

http://www.microhardcorp.com https://www.exploit-db.com/exploits/45036 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5484.php https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5484.php

Benzer Kayıtlar

High

CVE-2018-25146

Microhard Systems IPn4G 1.1.0 contains an undocumented vulnerability that allows authenticated attackers to list and man…

Critical

CVE-2018-25147

Microhard Systems IPn4G 1.1.0 contains hardcoded default credentials that cannot be changed through normal gateway opera…

High

CVE-2018-25148

Microhard Systems IPn4G 1.1.0 contains multiple authenticated remote code execution vulnerabilities in the admin interfa…

Medium

CVE-2018-25149

Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attackers to perform admin…

High

CVE-2018-25143

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SS…

High

CVE-2018-25144

Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that…