This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: CyberData 011209 Intercom allows **arbitrary file upload** by authenticated attackers. π₯ **Consequences**: Full system compromise. CVSS 9.8 (Critical).β¦
π‘οΈ **Root Cause**: **CWE-35** (Path Traversal). The device fails to properly sanitize file paths during upload, allowing attackers to write files outside the intended directory.
Q3Who is affected? (Versions/Components)
π’ **Affected**: **CyberData 011209 SIP Emergency Intercom**. Specifically the emergency call device manufactured by CyberData. No specific firmware versions listed in data.
Q4What can hackers do? (Privileges/Data)
π» **Attacker Capabilities**: Can upload **any file** to the system. This likely leads to **Remote Code Execution (RCE)**, full control over the intercom, and potential network pivoting.
Q5Is exploitation threshold high? (Auth/Config)
π **Threshold**: **Low**. CVSS indicates **PR:N** (No Privileges Required) for the vector, but description says 'authenticated'. *Note: Data conflict exists.β¦
π¦ **Public Exploit**: **None listed**. The `pocs` array is empty. No public Proof-of-Concept or wild exploitation code is currently available in the provided data.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: Scan for **CyberData 011209** devices. Check for **file upload endpoints** in the web interface. Look for **path traversal** patterns in upload requests. Use CISA ICSA-25-155-01 for indicators.
π§ **Workaround**: **Network Segmentation**. Isolate the intercom from critical networks. **Disable** unnecessary services. Restrict access to the device's management interface via ACLs.
Q10Is it urgent? (Priority Suggestion)
β‘ **Urgency**: **CRITICAL**. CVSS 9.8. High impact on safety-critical infrastructure (Emergency Intercom). Immediate attention required despite lack of public exploit.