Zettler TCP/IP Gateway Password Hash and Session Token Leakage Vulnerability
Vulnerability
A vulnerability classified as CWE-598, involving the inappropriate use of the GET request method with sensitive query strings, has been identified in the Zettler 130.8005 TCP/IP Gateway operating on firmware version 12h. This vulnerability exposes the SHA-1 hash of passwords and session tokens in the URL, creating a risk of information leakage. An attacker who can access these values, such as through network traffic inspection or via the victim's browser, could exploit this issue to extract the password hash and session tokens, potentially bypassing authentication by using a pass-the-hash attack.
Impact
Exploitation of this vulnerability could lead to unauthorized authentication bypass, allowing an attacker to gain access to systems or data by exploiting the leaked password hashes and session tokens.
Remediation
It is recommended to isolate vulnerable hosts to prevent Man-in-the-Middle attacks that could intercept sensitive data from network communications.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.