FKIE_CVE-2021-40858

Vulnerability from fkie_nvd - Published: 2021-12-13 04:15 - Updated: 2024-11-21 06:24
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring.
References
cve@mitre.orghttp://packetstormsecurity.com/files/165166/Auerswald-COMpact-8.0B-Arbitrary-File-Disclosure.htmlExploit, Third Party Advisory, VDB Entry
cve@mitre.orghttps://www.redteam-pentesting.de/advisories/rt-sa-2021-006Exploit, Third Party Advisory
cve@mitre.orghttps://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analysesExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/165166/Auerswald-COMpact-8.0B-Arbitrary-File-Disclosure.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://www.redteam-pentesting.de/advisories/rt-sa-2021-006Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analysesExploit, Third Party Advisory
Impacted products
Vendor Product Version
auerswald compact_5500r_ip_firmware *
auerswald compact_5500r_ip -
auerswald compact_5200r_ip_firmware *
auerswald compact_5200r_ip -
auerswald compact_5000r_ip_firmware *
auerswald compact_5000r_ip -
auerswald compact_4000_ip_firmware *
auerswald compact_4000r_ip -
auerswald commander_6000r_ip_firmware *
auerswald commander_6000r_ip -
auerswald commander_6000rx_ip_firmware *
auerswald commander_6000rx_ip -
auerswald commander_business\(19\"\)_ip_firmware *
auerswald commander_business\(19\"\)_ip -
auerswald commander_basic.2\(19\"\)_ip_firmware *
auerswald commander_basic.2\(19\"\)_ip -
auerswald compact_5010_voip_ip_firmware *
auerswald compact_5010_voip_ip -
auerswald compact_5020_voip_ip_firmware *
auerswald compact_5020_voip_ip -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:auerswald:compact_5500r_ip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA0FA892-0FE9-4D6D-A55E-7CE18D168292",
              "versionEndIncluding": "8.0b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:auerswald:compact_5500r_ip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD407288-677A-4894-81C6-65F2F3CECB51",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:auerswald:compact_5200r_ip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CB915B7-5540-4BB5-8B7F-9041FDB2E79C",
              "versionEndIncluding": "8.0b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:auerswald:compact_5200r_ip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBD26DCD-5858-46D0-BFA7-B90C89F68FFA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:auerswald:compact_5000r_ip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43F8C10D-6049-4DF1-9C6D-393D93BEA89A",
              "versionEndIncluding": "8.0b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:auerswald:compact_5000r_ip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0213A2ED-05F7-4F88-B6CF-D4DA33D0E2E5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:auerswald:compact_4000_ip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFD6CFA4-56F8-4801-B142-530161F3821D",
              "versionEndIncluding": "8.0b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:auerswald:compact_4000r_ip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7136126-3BFE-4054-B4A8-AF4E5A077BD1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:auerswald:commander_6000r_ip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC7EF278-8528-4A39-97EF-8E56B9FD78F7",
              "versionEndIncluding": "8.0b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:auerswald:commander_6000r_ip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DFCC827-9C3C-4556-BF5B-09BF80DE39D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:auerswald:commander_6000rx_ip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "159BA9F1-24A4-46FB-B88B-75F322D8F1F8",
              "versionEndIncluding": "8.0b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:auerswald:commander_6000rx_ip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A4F221E-B83A-444B-81AD-FCA5E5CD0C18",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:auerswald:commander_business\\(19\\\"\\)_ip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "45171367-4705-43BB-B065-C90F4725AB09",
              "versionEndIncluding": "8.0b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:auerswald:commander_business\\(19\\\"\\)_ip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4731EF2F-7DBC-43DE-A3B3-E08F730905C3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:auerswald:commander_basic.2\\(19\\\"\\)_ip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3443B8AC-3FB5-4656-AC01-5F75ACE3804A",
              "versionEndIncluding": "8.0b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:auerswald:commander_basic.2\\(19\\\"\\)_ip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C00FC2E6-F85E-4614-A8E3-84C101821619",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:auerswald:compact_5010_voip_ip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B321A3-C893-4529-9184-A30DE0A9FF2E",
              "versionEndIncluding": "8.0b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:auerswald:compact_5010_voip_ip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76A43674-7F42-4F08-A98A-F16587B9C613",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:auerswald:compact_5020_voip_ip_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D645B110-AE4E-4875-8594-50E4C47716DC",
              "versionEndIncluding": "8.0b",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:auerswald:compact_5020_voip_ip:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5846705F-8178-4ABE-8C42-2227851A4837",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Auerswald COMpact 5500R devices before 8.2B allow Arbitrary File Disclosure. A sub-admin can read the cleartext Admin password via the fileName=../../etc/passwd substring."
    },
    {
      "lang": "es",
      "value": "Los dispositivos Auerswald COMpact 5500R versiones anteriores a 8.2B, permiten una divulgaci\u00f3n de archivos arbitrarios. Un subadministrador puede leer la contrase\u00f1a de administrador en texto sin cifrar por medio de la subcadena fileName=../../etc/passwd"
    }
  ],
  "id": "CVE-2021-40858",
  "lastModified": "2024-11-21T06:24:57.007",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 6.8,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-12-13T04:15:07.087",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165166/Auerswald-COMpact-8.0B-Arbitrary-File-Disclosure.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.redteam-pentesting.de/advisories/rt-sa-2021-006"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/165166/Auerswald-COMpact-8.0B-Arbitrary-File-Disclosure.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.redteam-pentesting.de/advisories/rt-sa-2021-006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.