Multiple Siklu EtherHaul Devices CVE-2017-7318 Remote Command Execution Vulnerability

Multiple Siklu EtherHaul devices are prone to a remote command-execution vulnerability.

An attacker can exploit this issue to execute arbitrary commands within the context of the affected application. Failed exploits might result in denial-of-service conditions.

Versions prior to Siklu EtherHaul devices 7.4.0 are vulnerable.


Bugtraq ID: 97227
Class: Configuration Error
CVE: CVE-2017-7318

Remote: Yes
Local: No
Published: Mar 30 2017 12:00AM
Updated: May 02 2017 02:06PM
Credit: The vendor reported this issue.
Vulnerable: Siklu EtherHaul 7.0

Not Vulnerable: Siklu EtherHaul 7.4.0


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Related Posts