github - ghsa-4rh6-rgjc-525r

ghsa-4rh6-rgjc-525r

Vulnerability from github

Published

2022-05-24 22:28

Modified

2022-05-24 22:28

Details

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts. This may allow an attacker to remotely perform actions on the router’s management portal, such as making configuration changes, changing administrator credentials, and running system commands on the router.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-38480"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-19T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "InHand Networks IR615 Router\u0027s Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts. This may allow an attacker to remotely perform actions on the router\u2019s management portal, such as making configuration changes, changing administrator credentials, and running system commands on the router.",
  "id": "GHSA-4rh6-rgjc-525r",
  "modified": "2022-05-24T22:28:12Z",
  "published": "2022-05-24T22:28:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-38480"
    },
    {
      "type": "WEB",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-280-05"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2021-38480 (GCVE-0-2021-38480)

Vulnerability from cvelistv5

Published

2021-10-19 12:11

Modified

2024-09-17 03:13

Severity ?

9.6 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE

CWE-352 - CROSS-SITE REQUEST FORGERY (CSRF)

Summary

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts. This may allow an attacker to remotely perform actions on the router’s management portal, such as making configuration changes, changing administrator credentials, and running system commands on the router.

References

►

URL

Tags

https://us-cert.cisa.gov/ics/advisories/icsa-21-280-05

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	InHand Networks	IR615 Router	Version: 2.3.0.r4724 and 2.3.0.r4870

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:44:22.514Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-280-05"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "IR615 Router",
          "vendor": "InHand Networks",
          "versions": [
            {
              "status": "affected",
              "version": "2.3.0.r4724 and 2.3.0.r4870"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Haviv Vaizman, Hay Mizrachi, Alik Koldobsky, Ofir Manzur, and Nikolay Sokolik of OTORIO reported these vulnerabilities to CISA."
        }
      ],
      "datePublic": "2021-10-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "InHand Networks IR615 Router\u0027s Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts. This may allow an attacker to remotely perform actions on the router\u2019s management portal, such as making configuration changes, changing administrator credentials, and running system commands on the router."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-352",
              "description": "CROSS-SITE REQUEST FORGERY (CSRF) CWE-352",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-19T12:11:08",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-280-05"
        }
      ],
      "source": {
        "advisory": "ICSA-21-280-05",
        "discovery": "UNKNOWN"
      },
      "title": "InHand Networks IR615 Router",
      "workarounds": [
        {
          "lang": "en",
          "value": "InHand Networks has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of this affected product are invited to contact InHand Networks customer support."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "DATE_PUBLIC": "2021-10-07T20:12:00.000Z",
          "ID": "CVE-2021-38480",
          "STATE": "PUBLIC",
          "TITLE": "InHand Networks IR615 Router"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "IR615 Router",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "2.3.0.r4724 and 2.3.0.r4870"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "InHand Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Haviv Vaizman, Hay Mizrachi, Alik Koldobsky, Ofir Manzur, and Nikolay Sokolik of OTORIO reported these vulnerabilities to CISA."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "InHand Networks IR615 Router\u0027s Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to cross-site request forgery when unauthorized commands are submitted from a user the web application trusts. This may allow an attacker to remotely perform actions on the router\u2019s management portal, such as making configuration changes, changing administrator credentials, and running system commands on the router."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CROSS-SITE REQUEST FORGERY (CSRF) CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-280-05",
              "refsource": "MISC",
              "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-280-05"
            }
          ]
        },
        "source": {
          "advisory": "ICSA-21-280-05",
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "InHand Networks has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of this affected product are invited to contact InHand Networks customer support."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2021-38480",
    "datePublished": "2021-10-19T12:11:08.830902Z",
    "dateReserved": "2021-08-10T00:00:00",
    "dateUpdated": "2024-09-17T03:13:52.768Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.