CVE-2019-8389

{"id": "CVE-2019-8389", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.8, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2019-02-17T03:29:00.193", "references": [{"url": "https://gist.github.com/shawarkhanethicalhacker/b98c5ac7491cf77732c793ecc468f465", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6. By default, the application runs a transfer service on port 8080, accessible by everyone on the same Wi-Fi network. An attacker can send the POST parameters downfiles and cur-folder (with a crafted ../ payload) to the download.script endpoint. This will create a MusicPlayerArchive.zip archive that is publicly accessible and includes the content of any requested file (such as the /etc/passwd file)."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad de lectura de archivos en la caracter\u00edstica de transferencia Wi-Fi de Musicloud 1.6. Por defecto, la aplicaci\u00f3n ejecuta un servicio de transferencia en el puerto 8080, accesible por todos en la misma red wifi. Un atacante puede enviar los par\u00e1metros POST downfiles y cur-folder (con una carga \u00fatil ../ manipulada) al endpoint download.script. Esto crear\u00e1 un archivo MusicPlayerArchive.zip accesible p\u00fablicamente que incluye el contenido de cualquier archivo solicitado (como /etc/passwd)."}], "lastModified": "2021-07-21T11:39:23.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:musicloud_project:musicloud:1.6:*:*:*:*:iphone_os:*:*", "vulnerable": true, "matchCriteriaId": "C06A66C1-3D0D-428B-9346-DAFB2A6CCE44"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}