CVE-2021-39244 : Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on A

Authenticated Semi-Blind Command Injection (via Parameter Injection) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via the getlogs.cgi tcpdump feature. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX3020 1.8.3.0, Nexto NX3030 1.8.3.0, Nexto NX5100 1.8.11.0, Nexto NX5101 1.8.11.0, Nexto NX5110 1.1.2.8, Nexto NX5210 1.1.2.8, Nexto Xpress XP300 1.8.11.0, Nexto Xpress XP315 1.8.11.0, Nexto Xpress XP325 1.8.11.0, Nexto Xpress XP340 1.8.11.0, and Hadron Xtorm HX3040 1.7.58.0.

Published 2021-08-23 05:15:08

Updated 2021-08-26 19:13:36

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2021-39244

Altus » Nexto Nx3003 Firmware » Version: 1.8.11.0
cpe:2.3:o:altus:nexto_nx3003_firmware:1.8.11.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Nx3003 » Version: N/A
Altus » Nexto Nx3004 Firmware » Version: 1.8.11.0
cpe:2.3:o:altus:nexto_nx3004_firmware:1.8.11.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Nx3004 » Version: N/A
Altus » Nexto Nx3005 Firmware » Version: 1.8.11.0
cpe:2.3:o:altus:nexto_nx3005_firmware:1.8.11.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Nx3005 » Version: N/A
Altus » Nexto Nx3010 Firmware » Version: 1.8.3.0
cpe:2.3:o:altus:nexto_nx3010_firmware:1.8.3.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Nx3010 » Version: N/A
Altus » Nexto Nx3020 Firmware » Version: 1.8.3.0
cpe:2.3:o:altus:nexto_nx3020_firmware:1.8.3.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Nx3020 » Version: N/A
Altus » Nexto Nx3030 Firmware » Version: 1.8.3.0
cpe:2.3:o:altus:nexto_nx3030_firmware:1.8.3.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Nx3030 » Version: N/A
Altus » Nexto Nx5100 Firmware » Version: 1.8.11.0
cpe:2.3:o:altus:nexto_nx5100_firmware:1.8.11.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Nx5100 » Version: N/A
Altus » Nexto Nx5101 Firmware » Version: 1.8.11.0
cpe:2.3:o:altus:nexto_nx5101_firmware:1.8.11.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Nx5101 » Version: N/A
Altus » Nexto Nx5110 Firmware » Version: 1.1.2.8
cpe:2.3:o:altus:nexto_nx5110_firmware:1.1.2.8:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Nx5110 » Version: N/A
Altus » Nexto Nx5210 Firmware » Version: 1.1.2.8
cpe:2.3:o:altus:nexto_nx5210_firmware:1.1.2.8:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Nx5210 » Version: N/A
Altus » Nexto Xpress Xp300 Firmware » Version: 1.8.11.0
cpe:2.3:o:altus:nexto_xpress_xp300_firmware:1.8.11.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Xpress Xp300 » Version: N/A
Altus » Nexto Xpress Xp315 Firmware » Version: 1.8.11.0
cpe:2.3:o:altus:nexto_xpress_xp315_firmware:1.8.11.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Xpress Xp315 » Version: N/A
Altus » Nexto Xpress Xp325 Firmware » Version: 1.8.11.0
cpe:2.3:o:altus:nexto_xpress_xp325_firmware:1.8.11.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Xpress Xp325 » Version: N/A
Altus » Nexto Xpress Xp340 Firmware » Version: 1.8.11.0
cpe:2.3:o:altus:nexto_xpress_xp340_firmware:1.8.11.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Nexto Xpress Xp340 » Version: N/A
Altus » Hadron Xtorm Hx3040 Firmware » Version: 1.7.58.0
cpe:2.3:o:altus:hadron_xtorm_hx3040_firmware:1.7.58.0:*:*:*:*:*:*:*
Matching versions
When used together with: Altus » Hadron Xtorm Hx3040 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-39244

EPSS FAQ

16.20%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 94 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-39244

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.0	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:C	8.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
8.8	HIGH	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	2.8	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2021-39244

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-39244

https://www.altus.com.br/

Altus Sistemas de Automação | Altus
Vendor Advisory

CVEs referencing this url
https://seclists.org/fulldisclosure/2021/Aug/21

Full Disclosure: SEC Consult SA-20210819-0 :: Multiple critical vulnerabilities in Altus Nexto and Hadron series
Exploit;Mailing List;Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-39244

Products affected by CVE-2021-39244

Exploit prediction scoring system (EPSS) score for CVE-2021-39244

CVSS scores for CVE-2021-39244

CWE ids for CVE-2021-39244

References for CVE-2021-39244