github - ghsa-37w8-w2xc-r5mg

ghsa-37w8-w2xc-r5mg

Vulnerability from github

Published

2022-05-24 19:06

Modified

2022-10-26 12:00

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-33538"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-25T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.",
  "id": "GHSA-37w8-w2xc-r5mg",
  "modified": "2022-10-26T12:00:31Z",
  "published": "2022-05-24T19:06:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33538"
    },
    {
      "type": "WEB",
      "url": "https://cert.vde.com/en-us/advisories/vde-2021-026"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CVE-2021-33538 (GCVE-0-2021-33538)

Vulnerability from cvelistv5

Published

2021-06-25 18:26

Modified

2024-09-16 23:47

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-269 - Improper Privilege Management

Summary

In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

References

►

URL

Tags

https://cert.vde.com/en-us/advisories/vde-2021-026

x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

►

IE-WL(T)-BL-AP-CL-XX

Version: IE-WL-BL-AP-CL-EU (2536600000)   <
Version: IE-WLT-BL-AP-CL-EU (2536650000)   <
Version: IE-WL-BL-AP-CL-US (2536660000)   <
Version: IE-WLT-BL-AP-CL-US (2536670000)   <

IE-WL(T)-VL-AP-CL-XX

Version: IE-WL-VL-AP-BR-CL-EU (2536680000)   <
Version: IE-WLT-VL-AP-BR-CL-EU (2536690000)   <
Version: IE-WL-VL-AP-BR-CL-US (2536700000)   <
Version: IE-WLT-VL-AP-BR-CL-US (2536710000)   <

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:50:43.037Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2021-026"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "IE-WL(T)-BL-AP-CL-XX",
          "vendor": "Weidm\u00fcller",
          "versions": [
            {
              "lessThanOrEqual": "V1.16.18 (Build 18081617)",
              "status": "affected",
              "version": "IE-WL-BL-AP-CL-EU (2536600000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.16.18 (Build 18081617)",
              "status": "affected",
              "version": "IE-WLT-BL-AP-CL-EU (2536650000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.16.18 (Build 18081617)",
              "status": "affected",
              "version": "IE-WL-BL-AP-CL-US (2536660000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.16.18 (Build 18081617)",
              "status": "affected",
              "version": "IE-WLT-BL-AP-CL-US (2536670000)",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "IE-WL(T)-VL-AP-CL-XX",
          "vendor": "Weidm\u00fcller",
          "versions": [
            {
              "lessThanOrEqual": "V1.11.10 (Build 18122616)",
              "status": "affected",
              "version": "IE-WL-VL-AP-BR-CL-EU (2536680000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.11.10 (Build 18122616)",
              "status": "affected",
              "version": "IE-WLT-VL-AP-BR-CL-EU (2536690000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.11.10 (Build 18122616)",
              "status": "affected",
              "version": "IE-WL-VL-AP-BR-CL-US (2536700000)",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "V1.11.10 (Build 18122616)",
              "status": "affected",
              "version": "IE-WLT-VL-AP-BR-CL-US (2536710000)",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2021-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-25T18:26:02",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2021-026"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "For IE-WL(T)-BL-AP-CL-XX versions V1.16.21 (Build 21010513) and greater are fixed.\nFor IE-WL(T)-VL-AP-CL-XX versions V1.11.13 (Build 21010513) and greater are fixed."
        }
      ],
      "source": {
        "advisory": "VDE-2021-026",
        "defect": [
          "VDE-2021-026"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "WEIDMUELLER: WLAN devices affected by improper access control vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "DATE_PUBLIC": "2021-06-23T10:00:00.000Z",
          "ID": "CVE-2021-33538",
          "STATE": "PUBLIC",
          "TITLE": "WEIDMUELLER: WLAN devices affected by improper access control vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "IE-WL(T)-BL-AP-CL-XX",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WL-BL-AP-CL-EU (2536600000)",
                            "version_value": "V1.16.18 (Build 18081617)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WLT-BL-AP-CL-EU (2536650000)",
                            "version_value": "V1.16.18 (Build 18081617)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WL-BL-AP-CL-US (2536660000)",
                            "version_value": "V1.16.18 (Build 18081617)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WLT-BL-AP-CL-US (2536670000)",
                            "version_value": "V1.16.18 (Build 18081617)"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "IE-WL(T)-VL-AP-CL-XX",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WL-VL-AP-BR-CL-EU (2536680000)",
                            "version_value": "V1.11.10 (Build 18122616)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WLT-VL-AP-BR-CL-EU (2536690000)",
                            "version_value": "V1.11.10 (Build 18122616)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WL-VL-AP-BR-CL-US (2536700000)",
                            "version_value": "V1.11.10 (Build 18122616)"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "IE-WLT-VL-AP-BR-CL-US (2536710000)",
                            "version_value": "V1.11.10 (Build 18122616)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Weidm\u00fcller"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Weidmueller Industrial WLAN devices in multiple versions an exploitable improper access control vulnerability exists in the iw_webs account settings functionality. A specially crafted user name entry can cause the overwrite of an existing user account password, resulting in remote shell access to the device as that user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-269 Improper Privilege Management"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2021-026",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2021-026"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "For IE-WL(T)-BL-AP-CL-XX versions V1.16.21 (Build 21010513) and greater are fixed.\nFor IE-WL(T)-VL-AP-CL-XX versions V1.11.13 (Build 21010513) and greater are fixed."
          }
        ],
        "source": {
          "advisory": "VDE-2021-026",
          "defect": [
            "VDE-2021-026"
          ],
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2021-33538",
    "datePublished": "2021-06-25T18:26:02.939847Z",
    "dateReserved": "2021-05-24T00:00:00",
    "dateUpdated": "2024-09-16T23:47:04.008Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.