CVE-2021-4242

A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1732 and classified as critical. Affected by this issue is some unknown functionality of the file ip/syscmd.htm. The manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214592.

CVSS v3.0 8.8 HIGH

8.8^/10

CVSS v3.0 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/smallpiggy/Sapido--rce/blob/main/Sapido%E8%B7%AF%E7%94%B1%E5%99%A8-rce.py	Exploit Third Party Advisory
https://blog.csdn.net/qq_44159028/article/details/114590267	Exploit Third Party Advisory
https://vuldb.com/?id.214592	Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:sapido:br270n_firmware:2.1.03:*:*:*:*:*:*:*

cpe:2.3:h:sapido:br270n:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:sapido:brc76n_firmware:2.1.03:*:*:*:*:*:*:*

cpe:2.3:h:sapido:brc76n:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:sapido:gr297n_firmware:2.1.3:*:*:*:*:*:*:*

cpe:2.3:h:sapido:gr297n:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:sapido:rb-1732_firmware:2.0.43:*:*:*:*:*:*:*

cpe:2.3:h:sapido:rb-1732:-:*:*:*:*:*:*:*

Information

Published : 2022-11-30 06:15

Updated : 2022-12-02 10:29

NVD link : CVE-2021-4242

Mitre link : CVE-2021-4242

JSON object : View

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

Products Affected

sapido

brc76n
rb-1732
br270n
rb-1732_firmware
gr297n_firmware
gr297n
brc76n_firmware
br270n_firmware

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/smallpiggy/Sapido--rce/blob/main/Sapido%E8%B7%AF%E7%94%B1%E5%99%A8-rce.py", "name": "https://github.com/smallpiggy/Sapido--rce/blob/main/Sapido%E8%B7%AF%E7%94%B1%E5%99%A8-rce.py", "tags": ["Exploit", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://blog.csdn.net/qq_44159028/article/details/114590267", "name": "https://blog.csdn.net/qq_44159028/article/details/114590267", "tags": ["Exploit", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://vuldb.com/?id.214592", "name": "https://vuldb.com/?id.214592", "tags": ["Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A vulnerability was found in Sapido BR270n, BRC76n, GR297 and RB1732 and classified as critical. Affected by this issue is some unknown functionality of the file ip/syscmd.htm. The manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214592."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-78"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-4242", "ASSIGNER": "cna@vuldb.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}}, "publishedDate": "2022-11-30T14:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:sapido:br270n_firmware:2.1.03:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:sapido:br270n:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:sapido:brc76n_firmware:2.1.03:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:sapido:brc76n:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:sapido:gr297n_firmware:2.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:sapido:gr297n:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:sapido:rb-1732_firmware:2.0.43:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:sapido:rb-1732:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-12-02T18:29Z"}