Sign-up

ID

VAR-202103-0895


CVE

CVE-2021-27275


TITLE

NETGEAR ProSAFE Network Management System  Traversal Vulnerability in Japan

Trust: 0.8

sources: JVNDB: JVNDB-2021-004807

DESCRIPTION

This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ConfigFileController class. When parsing the realName parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information or to create a denial-of-service condition on the system. Was ZDI-CAN-12125. NETGEAR ProSAFE Network Management System Contains a path traversal vulnerability. Zero Day Initiative To this vulnerability ZDI-CAN-12125 Was numbered.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Netgear NETGEAR is a router made by Netgear. A hardware device that connects two or more networks, acting as a gateway between the networks

Trust: 2.43

sources: NVD: CVE-2021-27275 // JVNDB: JVNDB-2021-004807 // ZDI: ZDI-21-358 // VULHUB: VHN-386508 // VULMON: CVE-2021-27275

AFFECTED PRODUCTS

vendor:netgearmodel:prosafe network management systemscope:eqversion:1.6.0.26

Trust: 1.0

vendor:ネットギアmodel:prosafe network management systemscope:eqversion:1.6.0.26

Trust: 0.8

vendor:ネットギアmodel:prosafe network management systemscope:eqversion: -

Trust: 0.8

vendor:netgearmodel:prosafe network management systemscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-21-358 // JVNDB: JVNDB-2021-004807 // NVD: CVE-2021-27275

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-27275
value: HIGH

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2021-27275
value: HIGH

Trust: 1.0

NVD: CVE-2021-27275
value: HIGH

Trust: 0.8

ZDI: CVE-2021-27275
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202103-1564
value: HIGH

Trust: 0.6

VULHUB: VHN-386508
value: MEDIUM

Trust: 0.1

VULMON: CVE-2021-27275
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-27275
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-386508
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

zdi-disclosures@trendmicro.com: CVE-2021-27275
baseSeverity: HIGH
baseScore: 8.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.5
version: 3.0

Trust: 1.8

nvd@nist.gov: CVE-2021-27275
baseSeverity: HIGH
baseScore: 8.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.5
version: 3.1

Trust: 1.0

ZDI: CVE-2021-27275
baseSeverity: HIGH
baseScore: 8.3
vectorString: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.5
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-358 // VULHUB: VHN-386508 // VULMON: CVE-2021-27275 // JVNDB: JVNDB-2021-004807 // CNNVD: CNNVD-202103-1564 // NVD: CVE-2021-27275 // NVD: CVE-2021-27275

PROBLEMTYPE DATA

problemtype:CWE-22

Trust: 1.1

problemtype:Path traversal (CWE-22) [ Other ]

Trust: 0.8

sources: VULHUB: VHN-386508 // JVNDB: JVNDB-2021-004807 // NVD: CVE-2021-27275

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202103-1564

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202103-1564

PATCH

title:NETGEAR Support (Security Advisory for Denial of Service on NMS300, PSV-2020-0561)url:https://kb.netgear.com/000062687/Security-Advisory-for-Denial-of-Service-on-NMS300-PSV-2020-0561

Trust: 1.5

title:NETGEAR ProSAFE Network Management System Repair measures for path traversal vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145794

Trust: 0.6

sources: ZDI: ZDI-21-358 // JVNDB: JVNDB-2021-004807 // CNNVD: CNNVD-202103-1564

EXTERNAL IDS

db:NVDid:CVE-2021-27275

Trust: 3.3

db:ZDIid:ZDI-21-358

Trust: 3.3

db:JVNDBid:JVNDB-2021-004807

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-12125

Trust: 0.7

db:CNNVDid:CNNVD-202103-1564

Trust: 0.7

db:VULHUBid:VHN-386508

Trust: 0.1

db:VULMONid:CVE-2021-27275

Trust: 0.1

sources: ZDI: ZDI-21-358 // VULHUB: VHN-386508 // VULMON: CVE-2021-27275 // JVNDB: JVNDB-2021-004807 // CNNVD: CNNVD-202103-1564 // NVD: CVE-2021-27275

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-21-358/

Trust: 3.2

url:https://kb.netgear.com/000062687/security-advisory-for-denial-of-service-on-nms300-psv-2020-0561

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-27275

Trust: 1.4

url:https://cwe.mitre.org/data/definitions/22.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/198891

Trust: 0.1

sources: ZDI: ZDI-21-358 // VULHUB: VHN-386508 // VULMON: CVE-2021-27275 // JVNDB: JVNDB-2021-004807 // CNNVD: CNNVD-202103-1564 // NVD: CVE-2021-27275

CREDITS

rgod

Trust: 0.7

sources: ZDI: ZDI-21-358

SOURCES

db:ZDIid:ZDI-21-358
db:VULHUBid:VHN-386508
db:VULMONid:CVE-2021-27275
db:JVNDBid:JVNDB-2021-004807
db:CNNVDid:CNNVD-202103-1564
db:NVDid:CVE-2021-27275

LAST UPDATE DATE

2024-11-23T23:07:38.373000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-21-358date:2021-03-26T00:00:00
db:VULHUBid:VHN-386508date:2021-03-30T00:00:00
db:VULMONid:CVE-2021-27275date:2021-03-30T00:00:00
db:JVNDBid:JVNDB-2021-004807date:2021-11-30T08:35:00
db:CNNVDid:CNNVD-202103-1564date:2021-03-31T00:00:00
db:NVDid:CVE-2021-27275date:2024-11-21T05:57:44.607

SOURCES RELEASE DATE

db:ZDIid:ZDI-21-358date:2021-03-26T00:00:00
db:VULHUBid:VHN-386508date:2021-03-29T00:00:00
db:VULMONid:CVE-2021-27275date:2021-03-29T00:00:00
db:JVNDBid:JVNDB-2021-004807date:2021-11-30T00:00:00
db:CNNVDid:CNNVD-202103-1564date:2021-03-26T00:00:00
db:NVDid:CVE-2021-27275date:2021-03-29T21:15:13.267