Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024

Vendor: Ubiquoss
Product: Ubiquoss Switch VP5208A
Discovered by: Juan Manuel Fernandez – Tarlogic (@TheXC3LL)

Ubiquoss Switch VP5208A Vulnerability – CVE-2018-10024

Credential disclosure
———————-
Ubiquoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with the user credentials in clear-text when a failed login attempt is done. The file can be reached via browser.

Credentials can be used access the system via SSH (or telnet if it is enabled).

Time Line
———————-
18/09/17 – First attempt to contact vendor.
06/03/18 – Contacted US-CERT with the report.
15/03/18 – ACK from US-CERT. They gave us other e-mail address to try to contact.
15/03/18 – Attempt to contact vendor at the new e-mail address.
09/04/18 – Disclosure

Discover our work and cybersecurity services.