Sign-up

ID

VAR-202103-0892


CVE

CVE-2021-27272


TITLE

NETGEAR ProSAFE Network Management System  Traversal Vulnerability in Japan

Trust: 0.8

sources: JVNDB: JVNDB-2021-004810

DESCRIPTION

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ReportTemplateController class. When parsing the path parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12123. Zero Day Initiative To this vulnerability ZDI-CAN-12123 Was numbered.Information is tampered with and denial of service (DoS) It may be put into a state

Trust: 2.43

sources: NVD: CVE-2021-27272 // JVNDB: JVNDB-2021-004810 // ZDI: ZDI-21-355 // VULHUB: VHN-386505 // VULMON: CVE-2021-27272

AFFECTED PRODUCTS

vendor:netgearmodel:prosafe network management systemscope:eqversion:1.6.0.26

Trust: 1.0

vendor:ネットギアmodel:prosafe network management systemscope:eqversion:1.6.0.26

Trust: 0.8

vendor:ネットギアmodel:prosafe network management systemscope:eqversion: -

Trust: 0.8

vendor:netgearmodel:prosafe network management systemscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-21-355 // JVNDB: JVNDB-2021-004810 // NVD: CVE-2021-27272

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-27272
value: HIGH

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2021-27272
value: HIGH

Trust: 1.0

NVD: CVE-2021-27272
value: HIGH

Trust: 0.8

ZDI: CVE-2021-27272
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202103-1559
value: HIGH

Trust: 0.6

VULHUB: VHN-386505
value: HIGH

Trust: 0.1

VULMON: CVE-2021-27272
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2021-27272
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-386505
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

zdi-disclosures@trendmicro.com: CVE-2021-27272
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 4.2
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2021-27272
baseSeverity: HIGH
baseScore: 7.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 4.2
version: 3.1

Trust: 1.0

ZDI: CVE-2021-27272
baseSeverity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 4.2
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-355 // VULHUB: VHN-386505 // VULMON: CVE-2021-27272 // JVNDB: JVNDB-2021-004810 // CNNVD: CNNVD-202103-1559 // NVD: CVE-2021-27272 // NVD: CVE-2021-27272

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.1

problemtype:Path traversal (CWE-22) [ Other ]

Trust: 0.8

sources: VULHUB: VHN-386505 // JVNDB: JVNDB-2021-004810 // NVD: CVE-2021-27272

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202103-1559

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202103-1559

PATCH

title:Security Advisory for Denial of Service on NMS300, PSV-2020-0537url:https://kb.netgear.com/000062723/Security-Advisory-for-Denial-of-Service-on-NMS300-PSV-2020-0537

Trust: 1.5

title:NETGEAR ProSAFE Network Management System Repair measures for path traversal vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145791

Trust: 0.6

sources: ZDI: ZDI-21-355 // JVNDB: JVNDB-2021-004810 // CNNVD: CNNVD-202103-1559

EXTERNAL IDS

db:NVDid:CVE-2021-27272

Trust: 3.3

db:ZDIid:ZDI-21-355

Trust: 3.3

db:JVNDBid:JVNDB-2021-004810

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-12123

Trust: 0.7

db:CNNVDid:CNNVD-202103-1559

Trust: 0.7

db:VULHUBid:VHN-386505

Trust: 0.1

db:VULMONid:CVE-2021-27272

Trust: 0.1

sources: ZDI: ZDI-21-355 // VULHUB: VHN-386505 // VULMON: CVE-2021-27272 // JVNDB: JVNDB-2021-004810 // CNNVD: CNNVD-202103-1559 // NVD: CVE-2021-27272

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-21-355/

Trust: 3.3

url:https://kb.netgear.com/000062723/security-advisory-for-denial-of-service-on-nms300-psv-2020-0537

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-27272

Trust: 1.4

url:https://cwe.mitre.org/data/definitions/22.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: ZDI: ZDI-21-355 // VULHUB: VHN-386505 // VULMON: CVE-2021-27272 // JVNDB: JVNDB-2021-004810 // CNNVD: CNNVD-202103-1559 // NVD: CVE-2021-27272

CREDITS

rgod

Trust: 0.7

sources: ZDI: ZDI-21-355

SOURCES

db:ZDIid:ZDI-21-355
db:VULHUBid:VHN-386505
db:VULMONid:CVE-2021-27272
db:JVNDBid:JVNDB-2021-004810
db:CNNVDid:CNNVD-202103-1559
db:NVDid:CVE-2021-27272

LAST UPDATE DATE

2024-11-23T21:50:56.845000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-355date:2021-03-26T00:00:00
db:VULHUBid:VHN-386505date:2021-03-30T00:00:00
db:VULMONid:CVE-2021-27272date:2021-03-30T00:00:00
db:JVNDBid:JVNDB-2021-004810date:2021-11-30T08:35:00
db:CNNVDid:CNNVD-202103-1559date:2021-03-31T00:00:00
db:NVDid:CVE-2021-27272date:2024-11-21T05:57:44.233

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-355date:2021-03-26T00:00:00
db:VULHUBid:VHN-386505date:2021-03-29T00:00:00
db:VULMONid:CVE-2021-27272date:2021-03-29T00:00:00
db:JVNDBid:JVNDB-2021-004810date:2021-11-30T00:00:00
db:CNNVDid:CNNVD-202103-1559date:2021-03-26T00:00:00
db:NVDid:CVE-2021-27272date:2021-03-29T21:15:13.017