- [CVEID]
- CVE-2020-17494
- ------------------------------------------
- [Suggested description] [PROBLEM TYPE]
- Untangle Firewall NG before 16.0 uses MD5 for passwords.
- ------------------------------------------
- [Additional Information] [DESCRIPTION]
- Untangle Firewall NG stores passwords using the outdated and
- cryptographically insecure MD5 hash algorithm. Untangle Firewall NG's
- default backup procedure stores the configuration backup as a
- passwordless zip on a Google Cloud account, and the file containing the
- hash is present in that backup, so attackers who are able to compromise the
- Google Cloud account can compromise the firewall through this
- vulnerability. Furthermore, exposing the firewall web control panel and
- SSH to the internet, although not the default, is an option, and such
- exposed instances can be found on the internet.
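The weakness described above is an unsalted, fast hash at rest: anyone who obtains the hash (from a leaked backup or local access) can brute-force it offline cheaply. The following is an added illustration, not Untangle's code, and it assumes nothing about Untangle's actual record format; the `md5$...` and `pbkdf2_sha256$...` record layouts, the `PBKDF2_ITERATIONS` constant and all function names are constructed for this example. It shows the weak scheme beside a salted, slow PBKDF2-HMAC-SHA256 replacement, a verify routine that transparently re-hashes legacy MD5 records on the next successful login, and a small audit helper a defender can run over a configuration backup to count accounts still on the legacy scheme.

```python
import hashlib
import hmac
import os
from collections import Counter

# Constructed record formats for this example (not Untangle's format):
#   legacy:   "md5$<hex digest>"                                   unsalted, fast, weak
#   upgraded: "pbkdf2_sha256$<iterations>$<salt hex>$<key hex>"   salted, deliberately slow
PBKDF2_ITERATIONS = 600_000  # assumed default; tune to roughly 100 ms on the deployment's hardware


def legacy_md5_hash(password: str) -> str:
    """The weak scheme the advisory describes: one unsalted MD5 pass.
    Identical passwords give identical hashes and offline guessing is cheap."""
    return "md5$" + hashlib.md5(password.encode("utf-8")).hexdigest()


def pbkdf2_hash(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Hardened form: 16-byte random per-user salt and an iterated KDF."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${key.hex()}"


def verify_and_upgrade(password: str, stored: str,
                       iterations: int = PBKDF2_ITERATIONS) -> tuple[bool, str]:
    """Check `password` against `stored`.

    Returns (ok, record_to_store). When a legacy md5 record verifies, the
    returned record is a fresh pbkdf2 record so the caller can replace the
    weak hash in place; otherwise the original record is returned unchanged.
    Comparisons use hmac.compare_digest to avoid timing leaks."""
    scheme, _, rest = stored.partition("$")
    pw = password.encode("utf-8")

    if scheme == "md5":
        ok = hmac.compare_digest(hashlib.md5(pw).hexdigest(), rest)
        return (ok, pbkdf2_hash(password, iterations) if ok else stored)

    if scheme == "pbkdf2_sha256":
        parts = rest.split("$")
        if len(parts) != 3:
            return (False, stored)  # malformed record: fail closed
        iters, salt_hex, key_hex = parts
        key = hashlib.pbkdf2_hmac("sha256", pw, bytes.fromhex(salt_hex), int(iters))
        return (hmac.compare_digest(key.hex(), key_hex), stored)

    return (False, stored)  # unknown scheme: fail closed


def audit_records(records: list[str]) -> dict[str, int]:
    """Count records per scheme, e.g. over the credential entries pulled from
    a configuration backup, to find accounts still protected only by MD5."""
    return dict(Counter(rec.partition("$")[0] for rec in records))


if __name__ == "__main__":
    # Constructed sample: one legacy account and one already-upgraded account.
    backup_entries = [legacy_md5_hash("password"), pbkdf2_hash("correct horse", 1000)]
    print("before migration:", audit_records(backup_entries))
    ok, upgraded = verify_and_upgrade("password", backup_entries[0], 1000)
    backup_entries[0] = upgraded
    print("login ok:", ok, "after migration:", audit_records(backup_entries))
```

The migration path matters for the scenario in the advisory: until every account has logged in once after the change, the old MD5 digests remain in backups, so `audit_records` over an exported configuration tells you which accounts still need a forced password reset.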
- ------------------------------------------
- [VulnerabilityType Other]
- Untangle Firewall NG stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm
- ------------------------------------------
- [Vendor of Product]
- Untangle Firewall NG, https://www.untangle.com
- ------------------------------------------
- [Affected Product Code Base] [PRODUCT] [VERSION]
- Untangle Firewall NG - < 16.0
- ------------------------------------------
- [Attack Type]
- Remote
- ------------------------------------------
- [CVE Impact Other]
- Admin access to the firewall web control panel and SSH
- ------------------------------------------
- [Attack Vectors]
- Access to the firewall's default configuration backups on Google Cloud, or local access to the hash.
- https://github.com/untangle/ngfw_src/blob/1d232efe2c17a8838b59bbbeaf166dafa94676af/uvm/hier/usr/share/untangle/web/auth/index.py
- https://wiki.untangle.com/index.php/Configuration_Backup
- https://www.shodan.io/search?query=src%3D%22%2Fimages%2FBrandingLogo.png%22
- https://www.untangle.com
- ------------------------------------------
- [Reference]
- https://github.com/untangle/ngfw_src/blob/1d232efe2c17a8838b59bbbeaf166dafa94676af/uvm/hier/usr/share/untangle/web/auth/index.py#L196-L200
- https://github.com/untangle/ngfw_src/search?q=author%3Abmastbergen+committer-date%3A2020-08-10&type=commits
- https://pastebin.com/s7UYG3vX
- ------------------------------------------
- [Discoverer]
- Harold Luiz Palazzini Cardozo