Primary

Context

Karel IP Phone IP1211 Path Traversal Vulnerability in Web Management Panel

Vulnerability

A path traversal vulnerability has been identified in the Karel IP1211 IP Phone's web management interface. The issue arises in the /cgi-bin/cgiServer.exx endpoint, which does not adequately sanitize user input in the page parameter. This flaw allows remote authenticated attackers to access arbitrary files on the device's file system by exploiting crafted path traversal sequences. Sensitive files such as /etc/passwd and /etc/shadow can be accessed as a result.

Impact

Exploitation of this vulnerability allows for unauthorized access to sensitive system files, potentially leading to further exploitation of the device or its user.

Reproduction

The vulnerability can be reproduced by sending a GET request to the /cgi-bin/cgiServer.exx endpoint with a crafted page parameter that includes path traversal sequences. This request must be authorized with valid credentials, such as the default admin credentials.

Added: Jun 20, 2025, 7:46 PM

Updated: Jun 20, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

6.6

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Karel IP Phone IP1211 Path Traversal Vulnerability in Web Management Panel

Vulnerability

Impact

Reproduction

Affected Products

Karel IP1211

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating