CVE-2021-46007

totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks.

CVSS v3 9.8 CRITICAL
CVSS v2.0 10.0 HIGH

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://a3100r.com	Broken Link
http://totolink.com	Vendor Advisory
https://hackmd.io/t_nRWxS2Q2O7GV2E5BhQMg	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:totolink:ar3100r_firmware:5.9c.4577:*:*:*:*:*:*:*

cpe:2.3:h:totolink:ar3100r:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-03-30 23:15

Updated : 2022-04-05 19:14

NVD link : CVE-2021-46007

Mitre link : CVE-2021-46007

CVE.ORG link : CVE-2021-46007

JSON object : View

Products Affected

totolink

ar3100r_firmware
ar3100r

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2021-46007", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-03-30T23:15:07.823", "references": [{"url": "http://a3100r.com", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://totolink.com", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://hackmd.io/t_nRWxS2Q2O7GV2E5BhQMg", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the \"ping\" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks."}, {"lang": "es", "value": "totolink a3100r versi\u00f3n V5.9c.4577, es vulnerable a una inyecci\u00f3n de comandos del sistema operativo. El backend de una p\u00e1gina est\u00e1 ejecutando el comando \"ping\", y el campo de entrada no filtra apropiadamente los s\u00edmbolos especiales. Esto puede conllevar a ataques de inyecci\u00f3n de comandos"}], "lastModified": "2022-04-05T19:14:34.137", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:totolink:ar3100r_firmware:5.9c.4577:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DA62B2B-F7FA-47DC-BC42-8F373DE2B06F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:totolink:ar3100r:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E7F2B0A7-D451-4B77-972F-1438A616E4C1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}