Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Miele Professional PG 8528 washer-disinfector affected by a Web Server Directory Traversal

An Internet-Connected Medical Washer-Disinfector, the Miele’s model Professional PG 8528, is affected by a Web Server Directory Traversal. While the number of IoT devices continue to exponentially increase, the level of security of these smart objects is often not adequate end exposes users at risk of cyber attacks. The news of the say is a […]

Miele Professional PG 8528 washer-disinfector affected by a Web Server Directory Traversal

An Internet-Connected Medical Washer-Disinfector, the Miele’s model Professional PG 8528, is affected by a Web Server Directory Traversal.

While the number of IoT devices continue to exponentially increase, the level of security of these smart objects is often not adequate end exposes users at risk of cyber attacks.

The news of the say is a security vulnerability reported at Full Disclosure that affects Internet-connected washer-disinfector appliance manufactured by the Germany-based vendor Miele.

 washer-disinfector

According to the security advisory, the Miele Professional PG 8528 appliance is affected by a Web Server Directory Traversal vulnerability tracked as CVE-2017-7240. The Miele Professional PG 8528 is a medical equipment used to disinfect laboratory and surgical instruments. The flaw could be exploited by an unauthenticated attacker to access any directory on the web server.

“The corresponding embeded webserver “PST10 WebServer” typically listens to port 80 and is prone to a directory traversal attack, therefore an unauthenticated attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks.” reads the advisory.

The flaw could allow attackers to access sensitive data on the server, to drop and execute malicious code on the web server.

The flaw was discovered by the expert Jens Regel at the German consultancy Schneider & Wulf who reported the issue to Mele in December 2016. Unfortunately, he did not receive the reply from the company, so after four months he decided to publicly disclose it.

Regel also published a proof-of-concept (PoC) exploit code for this flaw, for this reason, it is important that the vendor will fix the issue as soon as possible.

Do you want to hack the Mele washer-disinfector?

It is simple, the PoC exploit code that is used by the expert to request the embedded system’s shadow file and any file on the filesystem.

Proof of Concept:
=================
~$ telnet 192.168.0.1 80
Trying 192.168.0.1...
Connected to 192.168.0.1.
Escape character ist '^]'.
GET /../../../../../../../../../../../../etc/shadow HTTP/1.1 to whatever IP the dishwasher has on the LAN.

Waiting for a patch disconnect the washer-disinfector from the Internet.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – washer-disinfector, hacking)