CVE-2018-25144
Published: 24 December 2025
Summary
CVE-2018-25144 is a high-severity Path Traversal (CWE-22) vulnerability in Microhardcorp Ipn4Gb Firmware. Its CVSS base score is 8.7 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 33.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2018-25144 is an authentication bypass vulnerability in Microhard Systems IPn4G version 1.1.0, affecting the hidden system-editor.sh script. The flaw stems from unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters, enabling path traversal (CWE-22) via GET and POST requests. This allows attackers to read, modify, or delete arbitrary files. The vulnerability carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Local attackers require no privileges or user interaction to exploit the issue with low attack complexity. Exploitation grants high-impact access to the file system, potentially allowing full read, write, and delete operations on arbitrary files, which could lead to complete device compromise.
Advisories and resources include the vendor site at http://www.microhardcorp.com, an exploit at https://www.exploit-db.com/exploits/45037, and a vulnerability report from Zero Science Labs at https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5485.php. Security practitioners should review these for patch availability and mitigation guidance.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-205330
Vulnerability details
Microhard Systems IPn4G 1.1.0 contains an authentication bypass vulnerability in the hidden system-editor.sh script that allows authenticated attackers to read, modify, or delete arbitrary files. Attackers can exploit unsanitized 'path', 'savefile', 'edit', and 'delfile' parameters to perform unauthorized file system…
more
modifications through GET and POST requests.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Path traversal via unauthenticated web script enables public-facing app exploitation (T1190), Linux credential dumping from /etc/passwd/shadow (T1003.008), arbitrary local file reads for data collection (T1005), and arbitrary file deletion (T1070.004).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly addresses unsanitized input parameters enabling path traversal by enforcing information input validation mechanisms at entry points.
Least functionality prohibits or restricts unnecessary hidden scripts like system-editor.sh, eliminating the vulnerable attack surface.
Enforces approved authorizations for logical access to files, mitigating unauthorized read, modify, or delete operations even in the presence of authentication bypass.