Details of VAR-202103-0896

ID

VAR-202103-0896

CVE

CVE-2021-27276

TITLE

NETGEAR ProSAFE Network Management System Traversal Vulnerability in Japan

Trust: 0.8

sources: JVNDB: JVNDB-2021-004806

DESCRIPTION

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System 1.6.0.26. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the MibController class. When parsing the realName parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-12122. Zero Day Initiative To this vulnerability ZDI-CAN-12122 Was numbered.Information is tampered with and denial of service (DoS) It may be put into a state. Netgear NETGEAR is a router made by Netgear. A hardware device that connects two or more networks, acting as a gateway between the networks

Trust: 2.43

sources: NVD: CVE-2021-27276 // JVNDB: JVNDB-2021-004806 // ZDI: ZDI-21-359 // VULHUB: VHN-386509 // VULMON: CVE-2021-27276

AFFECTED PRODUCTS

vendor:	netgear	model:	prosafe network management system	scope:	eq	version:	1.6.0.26	Trust: 1.0
vendor:	ネットギア	model:	prosafe network management system	scope:	eq	version:	1.6.0.26	Trust: 0.8
vendor:	ネットギア	model:	prosafe network management system	scope:	eq	version:	-	Trust: 0.8
vendor:	netgear	model:	prosafe network management system	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-21-359 // JVNDB: JVNDB-2021-004806 // NVD: CVE-2021-27276

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-27276
value:	HIGH
Trust: 1.0
zdi-disclosures@trendmicro.com:	CVE-2021-27276
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-27276
value:	HIGH
Trust: 0.8
ZDI:	CVE-2021-27276
value:	HIGH
Trust: 0.7
CNNVD:	CNNVD-202103-1565
value:	HIGH
Trust: 0.6
VULHUB:	VHN-386509
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-27276
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-27276
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-386509
severity:	MEDIUM
baseScore:	5.5
vectorString:	AV:N/AC:L/AU:S/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

zdi-disclosures@trendmicro.com:	CVE-2021-27276
baseSeverity:	HIGH
baseScore:	7.1
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.2
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2021-27276
baseSeverity:	HIGH
baseScore:	7.1
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.2
version:	3.1
Trust: 1.0
ZDI:	CVE-2021-27276
baseSeverity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	LOW
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	4.2
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-21-359 // VULHUB: VHN-386509 // VULMON: CVE-2021-27276 // JVNDB: JVNDB-2021-004806 // CNNVD: CNNVD-202103-1565 // NVD: CVE-2021-27276 // NVD: CVE-2021-27276

PROBLEMTYPE DATA

problemtype:	CWE-22	Trust: 1.1
problemtype:	Path traversal (CWE-22) [ Other ]	Trust: 0.8

sources: VULHUB: VHN-386509 // JVNDB: JVNDB-2021-004806 // NVD: CVE-2021-27276

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202103-1565

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-202103-1565

PATCH

title:	NETGEAR Support (Security Advisory for Denial of Service on NMS300, PSV-2020-0500)	url:	https://kb.netgear.com/000062722/Security-Advisory-for-Denial-of-Service-on-NMS300-PSV-2020-0500	Trust: 1.5
title:	NETGEAR ProSAFE Network Management System Repair measures for path traversal vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=145795	Trust: 0.6

sources: ZDI: ZDI-21-359 // JVNDB: JVNDB-2021-004806 // CNNVD: CNNVD-202103-1565

EXTERNAL IDS

db:	NVD	id:	CVE-2021-27276	Trust: 3.3
db:	ZDI	id:	ZDI-21-359	Trust: 3.3
db:	JVNDB	id:	JVNDB-2021-004806	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-12122	Trust: 0.7
db:	CNNVD	id:	CNNVD-202103-1565	Trust: 0.7
db:	VULHUB	id:	VHN-386509	Trust: 0.1
db:	VULMON	id:	CVE-2021-27276	Trust: 0.1

sources: ZDI: ZDI-21-359 // VULHUB: VHN-386509 // VULMON: CVE-2021-27276 // JVNDB: JVNDB-2021-004806 // CNNVD: CNNVD-202103-1565 // NVD: CVE-2021-27276

REFERENCES

url:	https://www.zerodayinitiative.com/advisories/zdi-21-359/	Trust: 3.3
url:	https://kb.netgear.com/000062722/security-advisory-for-denial-of-service-on-nms300-psv-2020-0500	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2021-27276	Trust: 1.4
url:	https://cwe.mitre.org/data/definitions/22.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: ZDI: ZDI-21-359 // VULHUB: VHN-386509 // VULMON: CVE-2021-27276 // JVNDB: JVNDB-2021-004806 // CNNVD: CNNVD-202103-1565 // NVD: CVE-2021-27276

CREDITS

rgod

Trust: 0.7

sources: ZDI: ZDI-21-359

SOURCES

db:	ZDI	id:	ZDI-21-359
db:	VULHUB	id:	VHN-386509
db:	VULMON	id:	CVE-2021-27276
db:	JVNDB	id:	JVNDB-2021-004806
db:	CNNVD	id:	CNNVD-202103-1565
db:	NVD	id:	CVE-2021-27276

LAST UPDATE DATE

2024-11-23T22:37:03.415000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-21-359	date:	2021-03-26T00:00:00
db:	VULHUB	id:	VHN-386509	date:	2021-03-30T00:00:00
db:	VULMON	id:	CVE-2021-27276	date:	2021-03-30T00:00:00
db:	JVNDB	id:	JVNDB-2021-004806	date:	2021-11-30T08:35:00
db:	CNNVD	id:	CNNVD-202103-1565	date:	2021-03-31T00:00:00
db:	NVD	id:	CVE-2021-27276	date:	2024-11-21T05:57:44.733

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-21-359	date:	2021-03-26T00:00:00
db:	VULHUB	id:	VHN-386509	date:	2021-03-29T00:00:00
db:	VULMON	id:	CVE-2021-27276	date:	2021-03-29T00:00:00
db:	JVNDB	id:	JVNDB-2021-004806	date:	2021-11-30T00:00:00
db:	CNNVD	id:	CNNVD-202103-1565	date:	2021-03-26T00:00:00
db:	NVD	id:	CVE-2021-27276	date:	2021-03-29T21:15:13.437