CVE-2018-14705

9.8 CRITICAL

📋 TL;DR

CVE-2018-14705 is an authentication bypass vulnerability in Drobo 5N2 network-attached storage devices where all optional applications lack authentication/authorization validation. Any network-accessible user can interact with and control these applications, posing severe risks to data confidentiality, integrity, and application availability. This affects Drobo 5N2 users running vulnerable firmware.

💻 Affected Systems

Products:
  • Drobo 5N2
Versions: 4.0.5
Operating Systems: Drobo firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All optional applications on the device are affected. The vulnerability exists in the firmware's application management system.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of all data stored on the device, unauthorized application control, data exfiltration, ransomware deployment, and permanent data loss.

🟠 Likely Case

Unauthorized access to applications and data, potential data theft or modification, and disruption of application services.

🟢 If Mitigated

Limited to authorized users only with proper authentication controls in place.

🌐 Internet-Facing: HIGH - If the device is exposed to the internet, it is immediately exploitable by any attacker.
🏢 Internal Only: HIGH - Even on internal networks, any user with network access to the device can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only network access to the device. No authentication or special tools needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.0.6 and later

Vendor Advisory: https://support.drobo.com/app/answers/detail/a_id/3159

Restart Required: Yes

Instructions:

1. Log into Drobo Dashboard.
2. Check for firmware updates.
3. Install firmware version 4.0.6 or later.
4. Reboot the device after installation.

🔧 Temporary Workarounds

Disable optional applications

all

Remove or disable all optional applications on the Drobo 5N2 to eliminate the attack surface.

Access Drobo Dashboard > Applications > Disable/Remove all optional applications

Network segmentation

all

Isolate the Drobo device on a separate VLAN with strict access controls.

🧯 If You Can't Patch

  • Immediately disconnect the device from any network until patched
  • Implement strict network access controls allowing only trusted IP addresses

🔍 How to Verify

Check if Vulnerable:

Check firmware version in Drobo Dashboard. If version is 4.0.5, the device is vulnerable.

Check Version:

Access Drobo Dashboard > Settings > About to view firmware version

Verify Fix Applied:

Verify firmware version is 4.0.6 or later in Drobo Dashboard.
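The version check above, as an added example (not part of this advisory and not Drobo's own tooling): it compares the firmware string shown in Drobo Dashboard against the fixed release numerically, so that a release such as 4.0.10 is not mistaken for an older one by a string comparison. It assumes the Dashboard reports a dotted numeric version; the only version numbers used are the ones on this page.

```python
"""Firmware version check for CVE-2018-14705 (Drobo 5N2).

Added example, not from the advisory or from Drobo. Assumes the
Dashboard reports a dotted numeric string such as "4.0.5".
"""
import re

# Versions named on this page: 4.0.5 is affected, 4.0.6 carries the fix.
AFFECTED_VERSION = "4.0.5"
FIXED_VERSION = "4.0.6"


def parse_version(text: str) -> tuple:
    """Turn '4.0.5' into (4, 0, 5); a label such as '4.0.6-beta' keeps its numeric part."""
    match = re.match(r"\s*v?(\d+(?:\.\d+)*)", text)
    if not match:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(part) for part in match.group(1).split("."))


def _padded(version: tuple, length: int) -> tuple:
    """Pad a short tuple with zeros so (4, 0) compares as (4, 0, 0)."""
    return version + (0,) * (length - len(version))


def lacks_fix(firmware: str) -> bool:
    """True when the reported firmware predates the fixed release.

    Assumption: any release older than 4.0.6 is treated as not carrying
    the fix; the page itself only names 4.0.5 as affected. A numeric
    comparison is required: as strings, "4.0.10" < "4.0.6" would be wrong.
    """
    current, fixed = parse_version(firmware), parse_version(FIXED_VERSION)
    width = max(len(current), len(fixed))
    return _padded(current, width) < _padded(fixed, width)


def assess(firmware: str) -> str:
    """One-line verdict suitable for an asset inventory script."""
    if lacks_fix(firmware):
        return f"{firmware}: predates fix for CVE-2018-14705, update to {FIXED_VERSION} or later"
    return f"{firmware}: fix present ({FIXED_VERSION} or later)"


if __name__ == "__main__":
    for reported in ("4.0.5", "4.0.6", "4.0.10"):
        print(assess(reported))
```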

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to application endpoints
  • Unexpected application control events

Network Indicators:

  • Unusual network traffic to Drobo application ports
  • Unauthorized API calls to Drobo services

SIEM Query:

source="drobo" AND (event_type="application_access" OR event_type="unauthorized_access")
