| 제목 | comet system T7611 1-5-7-5.1252 / 1.60 Missing Authentication for Critical Function |
|---|
| 설명 | The web-based management interface of Comet System network sensor devices lacks authentication controls by default. Attackers can remotely access the administrative configuration page (http://<device_ip>:8082/setupA.cfg) without providing credentials. This allows unauthenticated users to modify critical device settings, including:
Security Configuration: Enabling/disabling security features, setting administrator/user passwords.
Web Server Controls: Disabling the embedded web server or altering the listening port (default: 8082).
Network and Protocol Settings: Modifying alarm limits, SNMP/Syslog parameters, email notifications, and backup/restore configurations.
Service Disruption: Changing NTP synchronization, web refresh intervals, or factory resetting the device.
The vulnerability arises because the “Security” feature in the WWW and Security settings is disabled by default, allowing unrestricted access to privileged functions. While the interface provides an option to enable security (requiring administrator/user passwords), this is not enforced in the default configuration. |
|---|
| 원천 | ⚠️ https://github.com/zeke2997/CVE_request_comet_system |
|---|
| 사용자 | zeke (UID 84610) |
|---|
| 제출 | 2025. 06. 18. PM 06:11 (12 개월 ago) |
|---|
| 모더레이션 | 2025. 06. 27. AM 07:30 (9 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 314074 [Comet System H3531 1.60 Web-based Management Interface /setupA.cfg 약한 인증] |
|---|
| 포인트들 | 20 |
|---|