CVE-2021-4242

A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1732 and classified as critical. Affected by this issue is some unknown functionality of the file ip/syscmd.htm. The manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214592.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://blog.csdn.net/qq_44159028/article/details/114590267	Exploit Third Party Advisory
https://github.com/smallpiggy/Sapido--rce/blob/main/Sapido%E8%B7%AF%E7%94%B1%E5%99%A8-rce.py	Exploit Third Party Advisory
https://vuldb.com/?id.214592	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:sapido:br270n_firmware:2.1.03:*:*:*:*:*:*:*

cpe:2.3:h:sapido:br270n:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:sapido:brc76n_firmware:2.1.03:*:*:*:*:*:*:*

cpe:2.3:h:sapido:brc76n:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:sapido:gr297n_firmware:2.1.3:*:*:*:*:*:*:*

cpe:2.3:h:sapido:gr297n:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:sapido:rb-1732_firmware:2.0.43:*:*:*:*:*:*:*

cpe:2.3:h:sapido:rb-1732:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-11-30 14:15

Updated : 2024-02-28 19:51

NVD link : CVE-2021-4242

Mitre link : CVE-2021-4242

CVE.ORG link : CVE-2021-4242

JSON object : View

Products Affected

sapido

rb-1732
br270n
brc76n_firmware
rb-1732_firmware
br270n_firmware
gr297n_firmware
brc76n
gr297n

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-707

Improper Neutralization

{"id": "CVE-2021-4242", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "cna@vuldb.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.8}]}, "published": "2022-11-30T14:15:10.670", "references": [{"url": "https://blog.csdn.net/qq_44159028/article/details/114590267", "tags": ["Exploit", "Third Party Advisory"], "source": "cna@vuldb.com"}, {"url": "https://github.com/smallpiggy/Sapido--rce/blob/main/Sapido%E8%B7%AF%E7%94%B1%E5%99%A8-rce.py", "tags": ["Exploit", "Third Party Advisory"], "source": "cna@vuldb.com"}, {"url": "https://vuldb.com/?id.214592", "tags": ["Third Party Advisory"], "source": "cna@vuldb.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Secondary", "source": "cna@vuldb.com", "description": [{"lang": "en", "value": "CWE-707"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1732 and classified as critical. Affected by this issue is some unknown functionality of the file ip/syscmd.htm. The manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214592."}, {"lang": "es", "value": "Una vulnerabilidad fue encontrada en Sapido BR270n, BRC76n, GR297 y RB1732 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo ip/syscmd.htm es afectada por este problema. La manipulaci\u00f3n conduce a la inyecci\u00f3n de comandos del sistema operativo. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-214592."}], "lastModified": "2023-11-07T03:40:25.320", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sapido:br270n_firmware:2.1.03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB7ED0E2-05DF-4179-949A-034D2AD405C6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sapido:br270n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2D099517-CB63-4BDB-8DD6-53D154768DAD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sapido:brc76n_firmware:2.1.03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9120396E-B3D3-4EA9-9A98-40EF7B8E6DE3"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sapido:brc76n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "03A48719-9186-49F2-91BC-CF93C8822A13"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sapido:gr297n_firmware:2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8607F07-EA08-44C7-A786-3094623F6B57"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sapido:gr297n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6841D138-6697-45AF-B2B3-B948E9D1C1BE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:sapido:rb-1732_firmware:2.0.43:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0B14C13-1E25-4206-9B2F-E474868E5B44"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:sapido:rb-1732:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9A618943-41CC-4E01-A207-8E83C039A2EE"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cna@vuldb.com"}