Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Arcadyan-based routers and modems vulnerable to authentication bypass
Informations
Name VU#914124 First vendor Publication 2021-07-20
Vendor VU-CERT Last vendor Modification 2021-10-07
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 9.8
Base Score 9.8 Environmental Score 9.8
impact SubScore 5.9 Temporal Score 9.8
Exploitabality Sub Score 3.9
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Overview

A path traversal vulnerability exists in numerous routers manufactured by multiple vendors using Arcadyan based software. This vulnerability allows an unauthenticated user access to sensitive information and allows for the alteration of the router configuration.

Description

The vulnerability, identified as CVE-2021-20090, is a path traversal vulnerability. An unauthenticated attacker is able to leverage this vulnerability to access resources that would normally be protected. The researcher initially thought it was limited to one router manufacturer and published their findings, but then discovered that the issue existed in the Arcadyan based software that was being used in routers from multiple vendors.

Impact

Successful exploitation of this vulnerability could allow an attacker to access pages that would otherwise require authentication. An unauthenticated attacker could gain access to sensitive information, including valid request tokens, which could be used to make requests to alter router settings.

Solution

The CERT/CC recommends updating your router to the latest available firmware version. It is also recommended to disable the remote (WAN-side) administration services on any SoHo router and also disable the web interface on the WAN.

Acknowledgements

Thanks to the reporter Evan Grant from Tenable.

This document was written by Timur Snoke.

Original Source

Url : https://kb.cert.org/vuls/id/914124

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
Date Informations
2021-10-08 00:17:42
  • Multiple Updates
2021-09-23 17:17:42
  • Multiple Updates
2021-09-06 21:18:00
  • Multiple Updates
2021-08-18 17:17:40
  • Multiple Updates
2021-08-16 17:17:40
  • Multiple Updates
2021-08-12 17:17:41
  • Multiple Updates
2021-08-11 17:17:42
  • Multiple Updates
2021-08-10 21:17:58
  • Multiple Updates
2021-08-04 17:17:35
  • Multiple Updates
2021-08-03 17:17:38
  • Multiple Updates
2021-07-21 00:17:38
  • First insertion