This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **What is this vulnerability?** * **Type:** Directory Traversal in Ericsson Drutt MSDP Instance Monitor. * **Mechanism:** Attackers use `..%2f` (encoded slash) in the default URI. * **Consequence:** Remote attacβ¦
π‘οΈ **Root Cause? (CWE/Flaw)** * **Flaw:** Improper input validation in the Instance Monitor. * **CWE:** Not specified in data (typically CWE-22: Improper Limitation of a Pathname to a Restricted Directory).β¦
π₯ **Who is affected? (Versions/Components)** * **Product:** Ericsson Drutt Mobile Service Delivery Platform (MSDP). * **Component:** Instance Monitor. * **Affected Versions:** * Version 4 π¦ * Version 5β¦
π **How to self-check? (Features/Scanning)** * **Manual Test:** Send a request with `..%2f` in the URI to the Instance Monitor endpoint. * **Automated Scan:** Use Nuclei templates (`http/cves/2015/CVE-2015-2166.yamlβ¦
π§ **What if no patch? (Workaround)** * **Network:** Block external access to the Instance Monitor port. π« * **WAF:** Configure Web Application Firewall to block `..%2f` patterns in URIs.β¦
β‘ **Is it urgent? (Priority Suggestion)** * **Priority:** **HIGH** for legacy systems. π¨ * **Reason:** Public exploits exist, and it allows file read without auth.β¦