PT-2021-21687 · Cradlepoint · Cradlepoint Ibr900-600

Published

2021-11-07

Updated

2022-07-12

CVE-2021-37471

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cradlepoint IBR900-600 versions prior to 7.21.10

Description A restricted shell escape sequence issue allows an attacker to deny availability to the device's NetCloud Manager console, local console, and SSH command-line. This can lead to a loss of access to the device.

Recommendations For versions prior to 7.21.10, update to version 7.21.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the device's console and SSH command-line to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-37471

Affected Products

Cradlepoint Ibr900-600

PT-2021-21687 · Cradlepoint · Cradlepoint Ibr900-600

CVE-2021-37471

Related Identifiers

Affected Products

References · 5