Fanvil x210 V2 Command Injection Vulnerability Allowing Arbitrary Command Execution
Vulnerability
A command injection vulnerability has been identified in the Fanvil x210 V2 IP phone, specifically in firmware version 2.12.20. It allows an unauthenticated attacker on the local network to execute arbitrary system commands. The flaw lies in the device's web application's file upload handling, where injected commands are executed with the privileges of the web server process.
Impact
Exploitation of this vulnerability allows for arbitrary command execution on the affected system.
Reproduction
The vulnerability can be reproduced by uploading a file through the device's web interface. During the upload, commands can be injected into the 'upload/dest' or 'upload/newfile' parameters. The injected commands will be executed and can, for example, be used to write the output of the 'id' command to a file in the '/tmp' directory.
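As an added, defender-side illustration (not from the advisory or the vendor), the following Python scans web-server request logs for shell metacharacters in the two parameters named above. The URL-encoded parameter format, the '/upload' path and the log lines are constructed assumptions, not details from the advisory.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Parameter names from the advisory; treated here as URL-encoded fields
# (an assumption: the advisory does not state how they are transmitted).
WATCHED_PARAMS = ("upload/dest", "upload/newfile")
# A destination path or filename never needs these characters; any of them
# in a watched parameter is treated as a command-injection attempt.
SHELL_META = re.compile(r"[;&|`$(){}<>\n\\]")
# Only a plain path is accepted: segments of word characters, dots, dashes.
SAFE_PATH = re.compile(r"^/?(?:[\w.-]+/)*[\w.-]+$")

def parse_query(query):
    """Split on '&' only; parse_qs on older Pythons also splits on ';',
    which would hide the very separator we are looking for."""
    fields = {}
    for pair in query.split("&"):
        name, _, value = pair.partition("=")
        fields.setdefault(unquote_plus(name), []).append(unquote_plus(value))
    return fields

def flag_upload_request(query_string):
    """Return (param, value) pairs whose value is not a plain path."""
    hits = []
    for name in WATCHED_PARAMS:
        for value in parse_query(query_string).get(name, []):
            if SHELL_META.search(value) or not SAFE_PATH.match(value):
                hits.append((name, value))
    return hits

def scan_access_log(lines):
    """Return (line_no, hits) for log lines carrying a flagged request."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = re.search(r'"(?:GET|POST) (\S+) HTTP/', line)
        if m:
            hits = flag_upload_request(urlsplit(m.group(1)).query)
            if hits:
                findings.append((n, hits))
    return findings

# Constructed sample lines (not real traffic): a normal upload, then one
# with a command separator smuggled into the destination path.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "POST /upload?upload/dest=/tmp/cfg&upload/newfile=phone.cfg HTTP/1.1" 200 12',
    '192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "POST /upload?upload/dest=/tmp/cfg;id>/tmp/out&upload/newfile=phone.cfg HTTP/1.1" 200 12',
]

if __name__ == "__main__":
    for line_no, hits in scan_access_log(SAMPLE_LOG):
        print(line_no, hits)
```

The same allowlist check (SAFE_PATH) is what the upload handler itself should enforce before the parameter reaches any shell.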
Remediation
Users are advised to update to firmware version 2.12.22.2, which addresses this vulnerability.
