CVE-2018-25134

Synaccess · netBooter

Synaccess netBooter NP-02x/NP-08x version 6.8 contains an authentication bypass vulnerability allowing unauthenticated attackers to create unauthorized administrative accounts.

Executive summary

An authentication bypass vulnerability in Synaccess netBooter allows unauthenticated attackers to create administrative accounts, granting full control over power management infrastructure.

Vulnerability

This vulnerability resides in the webNewAcct.cgi script, which fails to perform necessary authentication checks. An unauthenticated attacker can send a crafted POST request to this script to register a new account with administrative privileges.

Business impact

With a CVSS score of 9.8, this vulnerability poses a catastrophic risk to business operations. Unauthorized access to power supply management hardware enables attackers to physically power down critical servers or networking equipment, resulting in significant service downtime and potential hardware damage.

Remediation

Immediate Action: Update affected Synaccess netBooter devices to the latest firmware version provided by the vendor.

Proactive Monitoring: Review administrative account creation logs for unauthorized or unexpected user accounts.

Compensating Controls: Isolate management interfaces from the public internet using firewalls or VPNs to restrict access to trusted administrative networks only.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

This vulnerability represents a high-risk entry point into critical infrastructure. Administrators should immediately audit current user accounts for suspicious entries and apply firmware updates to close the authentication bypass vector.