Details of VAR-202106-1098

ID

VAR-202106-1098

CVE

CVE-2021-35973

TITLE

NETGEAR WAC104 Authentication vulnerability in device

Trust: 0.8

sources: JVNDB: JVNDB-2021-008865

DESCRIPTION

NETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the &currentsetting.htm substring to the HTTP query, a related issue to CVE-2020-27866. This directly allows the attacker to change the web UI password, and eventually to enable debug mode (telnetd) and gain a shell on the device as the admin limited-user account (however, escalation to root is simple because of weak permissions on the /etc/ directory). NETGEAR WAC104 There is an authentication vulnerability in the device.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. NETGEAR WAC104 is a wireless access point (AP) from Netgear

Trust: 2.25

sources: NVD: CVE-2021-35973 // JVNDB: JVNDB-2021-008865 // CNVD: CNVD-2022-06701 // VULMON: CVE-2021-35973

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-06701

AFFECTED PRODUCTS

vendor:	netgear	model:	wac104	scope:	lt	version:	1.0.4.15	Trust: 1.6
vendor:	ネットギア	model:	wac104	scope:	eq	version:	-	Trust: 0.8
vendor:	ネットギア	model:	wac104	scope:	eq	version:	wac104 firmware 1.0.4.15	Trust: 0.8

sources: CNVD: CNVD-2022-06701 // JVNDB: JVNDB-2021-008865 // NVD: CVE-2021-35973

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-35973
value:	CRITICAL
Trust: 1.0
cve@mitre.org:	CVE-2021-35973
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2021-35973
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2022-06701
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-202106-1999
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2021-35973
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-35973
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2022-06701
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2021-35973
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2021-008865
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2022-06701 // VULMON: CVE-2021-35973 // JVNDB: JVNDB-2021-008865 // CNNVD: CNNVD-202106-1999 // NVD: CVE-2021-35973 // NVD: CVE-2021-35973

PROBLEMTYPE DATA

problemtype:	CWE-697	Trust: 1.0
problemtype:	Improper authentication (CWE-287) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-008865 // NVD: CVE-2021-35973

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202106-1999

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202106-1999

PATCH

title:	Top Page	url:	https://www.netgear.com/	Trust: 0.8
title:	Patch for NETGEAR WAC104 Authentication Bypass Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/316111	Trust: 0.6
title:	Netgear NETGEAR WAC104 Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=155610	Trust: 0.6
title:	SecBooks SecBooks目录	url:	https://github.com/SexyBeast233/SecBooks	Trust: 0.1

sources: CNVD: CNVD-2022-06701 // VULMON: CVE-2021-35973 // JVNDB: JVNDB-2021-008865 // CNNVD: CNNVD-202106-1999

EXTERNAL IDS

db:	NVD	id:	CVE-2021-35973	Trust: 3.9
db:	JVNDB	id:	JVNDB-2021-008865	Trust: 0.8
db:	CNVD	id:	CNVD-2022-06701	Trust: 0.6
db:	CNNVD	id:	CNNVD-202106-1999	Trust: 0.6
db:	VULMON	id:	CVE-2021-35973	Trust: 0.1

sources: CNVD: CNVD-2022-06701 // VULMON: CVE-2021-35973 // JVNDB: JVNDB-2021-008865 // CNNVD: CNNVD-202106-1999 // NVD: CVE-2021-35973

REFERENCES

url:	https://gynvael.coldwind.pl/?lang=en&id=736	Trust: 2.5
url:	https://kb.netgear.com/000063785/security-advisory-for-authentication-bypass-on-wac104-psv-2021-0075	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2021-35973	Trust: 1.4
url:	https://gynvael.coldwind.pl/?lang=en&id;=736	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/697.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/sexybeast233/secbooks	Trust: 0.1

sources: CNVD: CNVD-2022-06701 // VULMON: CVE-2021-35973 // JVNDB: JVNDB-2021-008865 // CNNVD: CNNVD-202106-1999 // NVD: CVE-2021-35973

SOURCES

db:	CNVD	id:	CNVD-2022-06701
db:	VULMON	id:	CVE-2021-35973
db:	JVNDB	id:	JVNDB-2021-008865
db:	CNNVD	id:	CNNVD-202106-1999
db:	NVD	id:	CVE-2021-35973

LAST UPDATE DATE

2024-08-14T14:11:21.989000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-06701	date:	2022-01-25T00:00:00
db:	VULMON	id:	CVE-2021-35973	date:	2022-07-12T00:00:00
db:	JVNDB	id:	JVNDB-2021-008865	date:	2022-03-29T09:13:00
db:	CNNVD	id:	CNNVD-202106-1999	date:	2022-07-14T00:00:00
db:	NVD	id:	CVE-2021-35973	date:	2022-07-12T17:42:04.277

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-06701	date:	2022-01-25T00:00:00
db:	VULMON	id:	CVE-2021-35973	date:	2021-06-30T00:00:00
db:	JVNDB	id:	JVNDB-2021-008865	date:	2022-03-29T00:00:00
db:	CNNVD	id:	CNNVD-202106-1999	date:	2021-06-30T00:00:00
db:	NVD	id:	CVE-2021-35973	date:	2021-06-30T15:15:10.607