CVE-2019-18922; Directory Traversal; Allied Telesis AT-GS950

1. =============================================
2. CVEID: CVE-2019-18922
3. NAME OF AFFECTED PRODUCT: Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047]
4. PROBLEM TYPE: Directory Traversal
5. DESCRIPTION: A Directory Traversal in the Web interface of the Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] allows unauthenticated attackers to read arbitrary system files via a GET request.
6. NOTE: This is an End-of-Life product.
7.  
8. =============================================
9.  
10. I. VULNERABILITY
11. - -------------------------
12. The Allied Telesis AT-GS950/8 Network Switch with Firmware until AT-S107 V.1.1.3 [1.00.047]
13. is confirmed to have an Directory Traversal Vulnerability.
14.  
15. II. BACKGROUND
16. - -------------------------
17. The AT-S107 Firmware is used for Configuration through an Web-Interface.
18.  
19. III. DESCRIPTION
20. - -------------------------
21. A GET-Request with the Path http://[IP]/../../../../../../etc/passwd shows the File-Content.
22.  
23. V. BUSINESS IMPACT
24. - -------------------------
25. A Attacker can read arbitrary System-Files.
26.  
27.  
28. VI. SYSTEMS AFFECTED
29. - -------------------------
30. Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047].
31.  
32. VII. CREDITS
33. - -------------------------
34. The Vulnerability has been discovered by the Security-Team at the University Bayreuth.
35.  
36. VIII. LEGAL NOTICES
37. - -------------------------
38. The information contained within this advisory is supplied "as-is" with no
39. warranties or guarantees of fitness of use or otherwise.