Hitron CGNF-TWN Command Injection Vulnerability in Telnet Service
Vulnerability
A command injection vulnerability has been identified in the Hitron CGNF-TWN cable modem, specifically in the telnet service of version 3.1.1.43-TWN-pre3. This vulnerability stems from inadequate input validation in the telnet command handling, allowing attackers to inject arbitrary commands through the telnet interface. Exploitation of this vulnerability could result in remote code execution (RCE) with the privileges of the telnet user, potentially granting unauthorized access to system settings and sensitive information.
Impact
Exploitation of this vulnerability allows for remote code execution on the affected device, with the injected commands executed under the privileges of the telnet user. This could lead to unauthorized access to system settings and sensitive information.
Reproduction
The vulnerability can be reproduced by connecting to the device via telnet. After logging in with valid credentials, arbitrary commands can be injected through the telnet command prompt. For example, injecting 'telnet ; sh' executes a shell command, which can be used to access sensitive files such as '/etc/shadow' and '/etc/passwd'.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.