PT-2021-22489 · Nexto+1 · Nexto Xpress Xp340+14
D. Teuchert
+1
·
Published
2021-08-23
·
Updated
2021-08-26
·
CVE-2021-39244
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Nexto NX3003 version 1.8.11.0
Nexto NX3004 version 1.8.11.0
Nexto NX3005 version 1.8.11.0
Nexto NX3010 version 1.8.3.0
Nexto NX3020 version 1.8.3.0
Nexto NX3030 version 1.8.3.0
Nexto NX5100 version 1.8.11.0
Nexto NX5101 version 1.8.11.0
Nexto NX5110 version 1.1.2.8
Nexto NX5210 version 1.1.2.8
Nexto Xpress XP300 version 1.8.11.0
Nexto Xpress XP315 version 1.8.11.0
Nexto Xpress XP325 version 1.8.11.0
Nexto Xpress XP340 version 1.8.11.0
Hadron Xtorm HX3040 version 1.7.58.0
Description
Authenticated Semi-Blind Command Injection exists via the getlogs.cgi tcpdump feature on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices.
Recommendations
For Nexto NX3003 version 1.8.11.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto NX3004 version 1.8.11.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto NX3005 version 1.8.11.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto NX3010 version 1.8.3.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto NX3020 version 1.8.3.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto NX3030 version 1.8.3.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto NX5100 version 1.8.11.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto NX5101 version 1.8.11.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto NX5110 version 1.1.2.8, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto NX5210 version 1.1.2.8, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto Xpress XP300 version 1.8.11.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto Xpress XP315 version 1.8.11.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto Xpress XP325 version 1.8.11.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Nexto Xpress XP340 version 1.8.11.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
For Hadron Xtorm HX3040 version 1.7.58.0, consider disabling the getlogs.cgi tcpdump feature until a patch is available.
Exploit
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hadron Xtorm Hx3040
Nexto Nx3003
Nexto Nx3004
Nexto Nx3005
Nexto Nx3010
Nexto Nx3020
Nexto Nx3030
Nexto Nx5100
Nexto Nx5101
Nexto Nx5110
Nexto Nx5210
Nexto Xpress Xp300
Nexto Xpress Xp315
Nexto Xpress Xp325
Nexto Xpress Xp340