This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Unrestricted file upload in `commit_vpncli_file_upload` function within `/cgi/timepro.cgi`.β¦
π‘οΈ **Root Cause**: **CWE-434** (Unrestricted Upload of File with Dangerous Type). The code fails to validate or restrict the type/size of files uploaded via the VPN client configuration interface.
π **Privileges**: Remote, No Authentication required (PR:N). π **Data**: High impact on Confidentiality, Integrity, and Availability (C:H, I:H, A:H). Attackers can execute arbitrary code on the router.
Q5Is exploitation threshold high? (Auth/Config)
π **Threshold**: **LOW**. CVSS Vector `AV:N/AC:L/PR:N/UI:N` indicates it is **Network-accessible**, **Low Complexity**, requires **No Privileges**, and **No User Interaction**. Easy to exploit remotely.
Q6Is there a public Exp? (PoC/Wild Exploitation)
π **Exploit Status**: Public references exist (VDB-346159, GitHub issues).β¦
π **Self-Check**: Scan for the specific CGI endpoint `/cgi/timepro.cgi`. Look for the `commit_vpncli_file_upload` parameter. Check if the router version is **14.18.2**.β¦
π οΈ **Fix**: Official patch details are not explicitly provided in the data. However, vendors typically release firmware updates. Check EFM's official support page for newer firmware versions for A6004MX.
Q9What if no patch? (Workaround)
π§ **Workaround**: If no patch is available: 1. **Disable** remote management if possible. 2. **Restrict** access to the management interface via firewall rules. 3.β¦
β‘ **Urgency**: **CRITICAL**. CVSS Score is **9.8** (High). Due to remote exploitability without auth, immediate action is required. Prioritize patching or applying network-level mitigations.