CVE-2023-42130

8.8 HIGH

📋 TL;DR

This vulnerability in A10 Thunder ADC allows authenticated remote attackers to read and delete arbitrary files on the system through directory traversal in the FileMgmtExport class. It affects A10 Thunder ADC installations where attackers have valid credentials. The flaw stems from improper path validation before file operations.

💻 Affected Systems

Products:
  • A10 Thunder ADC
Versions: ACOS versions prior to 6.2.4-p1
Operating Systems: A10 ACOS
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authentication to exploit, but default configurations may have vulnerable authentication mechanisms.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise through reading sensitive files (passwords, keys, configs) and deleting critical system files causing service disruption or permanent damage.

🟠 Likely Case

Data exfiltration of sensitive configuration files, credentials, or logs, potentially leading to lateral movement or further attacks.

🟢 If Mitigated

Limited impact if proper authentication controls, file permissions, and network segmentation are in place, though authenticated users could still abuse the vulnerability.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires valid credentials but is technically simple once authenticated. No public PoC available as of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: ACOS 6.2.4-p1 and later

Vendor Advisory: https://support.a10networks.com/support/security_advisory/a10-acos-file-access-vulnerability/

Restart Required: Yes

Instructions:

1. Download ACOS 6.2.4-p1 or later from A10 support portal.
2. Backup current configuration.
3. Apply the update following A10's upgrade procedures.
4. Restart the ADC to apply changes.

🔧 Temporary Workarounds

Restrict Authentication Access

Platform: all

Limit administrative access to trusted IP addresses only to reduce attack surface.

Configure ACLs on management interfaces to allow only specific IPs

File System Permissions Hardening

Platform: Linux

Set strict file permissions on sensitive directories to limit damage from file operations.

chmod 600 on sensitive config files, chmod 700 on critical directories

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate ADC management interfaces from untrusted networks.
  • Enforce strong authentication policies and multi-factor authentication for all administrative accounts.

🔍 How to Verify

Check if Vulnerable:

Check ACOS version via CLI: 'show version' and compare to vulnerable versions (prior to 6.2.4-p1).

Check Version:

show version

Verify Fix Applied:

Verify version is 6.2.4-p1 or later using 'show version' command.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns in system logs
  • Multiple failed authentication attempts followed by file operations

Network Indicators:

  • Unexpected traffic to management interfaces from unauthorized sources

SIEM Query:

source="a10-adc" AND event_type="file_access" AND path="*../*"
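
The two log indicators above as runnable detection logic, added here as an example (it is not code from A10 or from the vendor advisory). It resolves each logged path against a base directory rather than matching `../` as a string, so percent-encoded traversal is caught and paths that stay inside the tree are not flagged. The JSON field names, `EXPORT_ROOT`, the thresholds and the sample events are constructed assumptions, not a documented ACOS log schema.

```python
import json
import posixpath
from urllib.parse import unquote

EXPORT_ROOT = "/export"  # assumption: directory file operations should stay inside

# Constructed sample events. Field names follow the SIEM query above and are
# assumptions, not a documented ACOS log schema.
SAMPLE_EVENTS = [
    '{"ts": 100, "src": "10.0.0.5", "event_type": "authentication", "status": "success"}',
    '{"ts": 110, "src": "10.0.0.5", "event_type": "file_access", "path": "logs/../backup/a.cfg"}',
    '{"ts": 200, "src": "203.0.113.7", "event_type": "authentication", "status": "failure"}',
    '{"ts": 201, "src": "203.0.113.7", "event_type": "authentication", "status": "failure"}',
    '{"ts": 202, "src": "203.0.113.7", "event_type": "authentication", "status": "failure"}',
    '{"ts": 210, "src": "203.0.113.7", "event_type": "authentication", "status": "success"}',
    '{"ts": 220, "src": "203.0.113.7", "event_type": "file_access", "path": "%2e%2e/%2e%2e/etc/hosts"}',
]

def escapes_root(path, root=EXPORT_ROOT):
    """True if the logged path resolves outside root once decoded and normalized."""
    for _ in range(3):  # undo up to three layers of percent-encoding
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = path.replace("\\", "/")
    # An absolute path replaces root in join(), so it is reported as an escape too.
    resolved = posixpath.normpath(posixpath.join(root, path))
    return not (resolved == root or resolved.startswith(root + "/"))

def detect(lines, fail_threshold=3, window=300):
    """Return (rule, src, path) alerts for the two log indicators listed above."""
    alerts, failures = [], {}
    for line in lines:
        ev = json.loads(line)
        src = ev["src"]
        if ev["event_type"] == "authentication" and ev["status"] == "failure":
            failures.setdefault(src, []).append(ev["ts"])
        elif ev["event_type"] == "file_access":
            if escapes_root(ev["path"]):
                alerts.append(("traversal", src, ev["path"]))
            recent = [t for t in failures.get(src, []) if ev["ts"] - t <= window]
            if len(recent) >= fail_threshold:
                alerts.append(("failed_auth_then_file_op", src, ev["path"]))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```
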
