Primary

Context

Zettler TCP/IP Gateway Buffer Over-read Vulnerability Allowing Authentication Token Leakage

Vulnerability

A buffer over-read vulnerability has been identified in the Zettler 130.8005 TCP/IP Gateway, specifically in devices running firmware version 12h. This vulnerability allows remote, unauthenticated attackers to exploit a memory leak in the web server, leading to the unauthorized disclosure of valid authentication tokens from the process memory of users currently logged into the system. As a result, attackers can bypass the authentication mechanism.

Impact

Exploitation of this vulnerability allows for the leakage of authentication tokens, which can be used to impersonate logged-in users and bypass authentication requirements.

Remediation

It is recommended to segregate the host to a management VLAN where only authorized clients can interact with it.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Zettler TCP/IP Gateway Buffer Over-read Vulnerability Allowing Authentication Token Leakage

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating