← Advisories

Teradek T-RAX 7.3.2 (snapshot.cgi) Stream Disclosure

Medium
Advisory ID
ZSL-2018-5465
Release Date
21 May 2018
Vendor
Teradek, LLC - https://www.teradek.com
Affected Version
Firmware Version: 7.3.2 (build 24453), Teradek Firmware Version 7.3.15
CVE
N/A
Tested On
lighttpd/1.4.31
Summary

T-RAX is a high-density enterprise-grade H.264 platform that encodes, decodes, and streams video at broadcast quality.

Description

T-RAX suffers from an unauthenticated and unauthorized live stream disclosure when snapshot.cgi script is called.

Proof of Concept
teradek_t-rax_stream.txtTXT
Disclosure Timeline
02.03.2018Vulnerability discovered.
08.05.2018Vendor contacted.
08.05.2018Vendor replied asking more details.
08.05.2018Sent details to the vendor.
10.05.2018Asked vendor for status update.
13.05.2018No response from the vendor.
14.05.2018Asked vendor for status update.
20.05.2018No response from the vendor.
21.05.2018Public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
[1]https://cxsecurity.com/issue/WLB-2018050174
[2]https://packetstormsecurity.com/files/147793
[3]https://exchange.xforce.ibmcloud.com/vulnerabilities/143719
Changelog
21.05.2018Initial release
29.05.2018Added reference [1], [2] and [3]