fkie_cve-2021-27857
Vulnerability from fkie_nvd
Published
2021-12-15 20:15
Modified
2024-11-21 05:58
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker to download a configuration archive. The attacker needs to know or correctly guess the hostname of the target system since the hostname is used as part of the configuration archive file name. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this vulnerability is FPSA003.
References
▼ | URL | Tags | |
---|---|---|---|
cret@cert.org | https://www.fatpipeinc.com/support/cve-list.php | Vendor Advisory | |
cret@cert.org | https://www.zeroscience.mk/codes/fatpipe_configdl.txt | Third Party Advisory | |
cret@cert.org | https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.fatpipeinc.com/support/cve-list.php | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zeroscience.mk/codes/fatpipe_configdl.txt | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php | Third Party Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:5.2.0:r34:*:*:*:*:*:*", "matchCriteriaId": "C11DB09F-2C14-470E-88B9-19AA1CB9D13A", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p26:*:*:*:*:*:*", "matchCriteriaId": "8B1511DD-B05D-4441-9FEE-4AE5B99AD765", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p45-m:*:*:*:*:*:*", "matchCriteriaId": "A544091F-16BB-4942-8C5D-78BAB27763D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p75-m:*:*:*:*:*:*", "matchCriteriaId": "CF6314CA-0BC5-4EA8-8169-5A3AA83EDC2A", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:7.1.2:r39:*:*:*:*:*:*", "matchCriteriaId": "FE36BBDB-5A65-4F61-8749-883E59300639", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r129:*:*:*:*:*:*", "matchCriteriaId": "A79A392B-0607-4C83-8D1F-45F99354CF93", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r144:*:*:*:*:*:*", "matchCriteriaId": "39FD234C-69BF-4A59-A5B6-BA962D4A86EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r150:*:*:*:*:*:*", "matchCriteriaId": "1A2B1AB1-BF7C-4BD6-819A-A71340D00BD0", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r156:*:*:*:*:*:*", "matchCriteriaId": "6C72012D-F06D-40BB-B361-44CE980C7B4D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p12:*:*:*:*:*:*", "matchCriteriaId": "961268B1-E804-4291-AA38-F2905B98285F", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p16:*:*:*:*:*:*", "matchCriteriaId": "87F0BAD3-7145-496C-823D-C035AB73D5CB", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p17:*:*:*:*:*:*", "matchCriteriaId": "86FA270B-1EEF-4506-B3F8-0019E1965E12", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p2:*:*:*:*:*:*", "matchCriteriaId": "D6DAAB93-C2E9-4097-BB7E-A22C37860302", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p20:*:*:*:*:*:*", "matchCriteriaId": "BD8347A2-BAF5-420D-A52A-2A7B1BFE5619", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p26:*:*:*:*:*:*", "matchCriteriaId": "FF28B01F-9E9C-4703-9418-5CDA93305885", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p3:*:*:*:*:*:*", "matchCriteriaId": "EA076D5B-9EDA-4DCB-BF15-5C361DE6F975", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164:*:*:*:*:*:*", "matchCriteriaId": "63B936C2-F61D-4E75-B7F7-4DD4A9735FB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164p4:*:*:*:*:*:*", "matchCriteriaId": "54ED4A12-F805-4A79-B083-0473BD5003EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164p5:*:*:*:*:*:*", "matchCriteriaId": "BFEE2206-4D60-4C9E-A874-A4F23FF59059", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r165:*:*:*:*:*:*", "matchCriteriaId": "77D045E8-12A8-4EDF-A423-F840CB2CF0AA", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r180p2:*:*:*:*:*:*", "matchCriteriaId": "9A22D90B-E219-47A3-8396-820CD58A052A", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r185:*:*:*:*:*:*", "matchCriteriaId": "682F18C0-D9CD-44BC-8C72-A50F4B4741CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p10:*:*:*:*:*:*", "matchCriteriaId": "22CA1387-CD4F-45AE-A9CC-68E5538CDA49", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p13:*:*:*:*:*:*", "matchCriteriaId": "5E46BE6C-734A-4D81-9BFB-24160B9A2477", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p32:*:*:*:*:*:*", "matchCriteriaId": "BC05A847-376E-48C1-B7BC-1095610FF846", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p35:*:*:*:*:*:*", "matchCriteriaId": "74A68C7C-DF85-4EB4-85EE-C98646D5C46F", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p45:*:*:*:*:*:*", "matchCriteriaId": "57876C43-071C-46FE-9A40-779F95DDCA93", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p55:*:*:*:*:*:*", "matchCriteriaId": "30503A37-B4CB-45FF-81E6-9967BEEB1A5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p58:*:*:*:*:*:*", "matchCriteriaId": "C44ABAF5-2B4C-4C44-8BF5-4F15E35BAD84", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p58s1:*:*:*:*:*:*", "matchCriteriaId": "CDBC02C3-09AF-4AD7-B1D6-D4C82DFD7BAF", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p65:*:*:*:*:*:*", "matchCriteriaId": "A12609EA-15AD-4215-9662-A93906593DB1", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p71:*:*:*:*:*:*", "matchCriteriaId": "A34C4419-C0AB-4A10-A5A3-E9DCD1A69B6D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p82:*:*:*:*:*:*", "matchCriteriaId": "234EE25D-AEAF-4D3F-B1B8-BEDFBB93CA61", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r10:*:*:*:*:*:*", "matchCriteriaId": "D29250D9-4635-4BBB-9D1C-289C7ADFEAE5", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r25:*:*:*:*:*:*", "matchCriteriaId": "F8BD7D98-B18F-4FB9-B63D-7298033D8F38", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r38:*:*:*:*:*:*", "matchCriteriaId": "4BFBA83C-C03A-4C5E-ACBC-8BEC41B901F7", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:fatpipeinc:ipvpn:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0CAF1D0-9EC6-4959-973C-6C37E3B2E6E0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:5.2.0:r34:*:*:*:*:*:*", "matchCriteriaId": "6CC854BA-4F7B-482F-B13F-B16E99C00ECD", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p26:*:*:*:*:*:*", "matchCriteriaId": "B0F4857C-0262-4D50-A209-B731CE4DE4C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p45-m:*:*:*:*:*:*", "matchCriteriaId": "00BDFE07-2443-4B79-A9CB-F3F03A0AA313", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p75-m:*:*:*:*:*:*", "matchCriteriaId": "CD497063-FA78-4AAC-807F-C03771781D15", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:7.1.2:r39:*:*:*:*:*:*", "matchCriteriaId": "2D5E161C-B6B6-40E8-B0E8-AEB72998119E", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r129:*:*:*:*:*:*", "matchCriteriaId": "2EA6CD57-2FC4-4D38-B3BC-2BE458672BC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r144:*:*:*:*:*:*", "matchCriteriaId": "5D6D61B6-78CF-47A5-B18D-394803F768B7", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r150:*:*:*:*:*:*", "matchCriteriaId": "8FAB00D7-319D-4628-819E-608A4392E901", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r156:*:*:*:*:*:*", "matchCriteriaId": "58B8C748-C873-4611-9D25-FF73439F6559", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p12:*:*:*:*:*:*", "matchCriteriaId": "0FBE83D2-96E7-489E-A7A1-D02193D022A2", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p16:*:*:*:*:*:*", "matchCriteriaId": "532021A2-9D2C-4365-AA76-8B9F1E3401D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p17:*:*:*:*:*:*", "matchCriteriaId": "561F487C-3FCE-4F68-ADEF-61A807E18A2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p2:*:*:*:*:*:*", "matchCriteriaId": "44135F5A-96DC-471E-9A7C-48EA124E5DBB", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p20:*:*:*:*:*:*", "matchCriteriaId": "34A8EC2F-BB91-448E-B21C-2D7822CA04F2", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p26:*:*:*:*:*:*", "matchCriteriaId": "20810603-1A08-4AEE-A6C5-EFEDB3C923BC", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p3:*:*:*:*:*:*", "matchCriteriaId": "37C5C6DC-5FBA-4D8D-ADEF-F8DB232001C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164:*:*:*:*:*:*", "matchCriteriaId": "12B67BB1-3943-4F30-8470-FF3E446F5E3F", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164p4:*:*:*:*:*:*", "matchCriteriaId": "72F686C1-E970-41CF-A5F6-842E0B15D85E", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164p5:*:*:*:*:*:*", "matchCriteriaId": "19E99ECD-6D6C-4290-9D41-47CFA9373B41", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r165:*:*:*:*:*:*", "matchCriteriaId": "D9D58BE6-BE5C-48A2-AE61-FFC0612AEFB0", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r180p2:*:*:*:*:*:*", "matchCriteriaId": "072EF984-3F4F-44ED-BFE4-78E063B474BB", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r185:*:*:*:*:*:*", "matchCriteriaId": "DAD39775-38AC-439A-96F4-7DAD9A2E1537", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p10:*:*:*:*:*:*", "matchCriteriaId": "AC62B752-36D4-4F2F-ACA0-4D693FC6315C", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p13:*:*:*:*:*:*", "matchCriteriaId": "239431AD-427E-40C9-9DEA-F4B2B8734529", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p32:*:*:*:*:*:*", "matchCriteriaId": "40E8F365-0C9D-473F-A5F6-E05872B3A925", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p35:*:*:*:*:*:*", "matchCriteriaId": "597A3F8A-1538-4B71-8D4D-2966F49E023B", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p45:*:*:*:*:*:*", "matchCriteriaId": "F2991483-7274-4FA9-AA96-7BD0C2715FCC", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p55:*:*:*:*:*:*", "matchCriteriaId": "23CA58A4-64A3-47B7-A4A0-8A6D9513A16C", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p58:*:*:*:*:*:*", "matchCriteriaId": "22A27D18-8022-4B5C-9314-A087674C14A6", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p58s1:*:*:*:*:*:*", "matchCriteriaId": "C11B36AB-043E-4DE8-AFCC-92E3092C0E26", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p65:*:*:*:*:*:*", "matchCriteriaId": "39FEF22E-F568-40E6-8BBF-D52600DE082D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p71:*:*:*:*:*:*", "matchCriteriaId": "1D9DF278-ECE1-4530-BCE4-95266340BE47", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p82:*:*:*:*:*:*", "matchCriteriaId": "11649A08-A14B-46C8-97DB-9EB5FB7BF25B", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r10:*:*:*:*:*:*", "matchCriteriaId": "D23782A1-EA7E-4B22-8943-F69510673CBA", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r25:*:*:*:*:*:*", "matchCriteriaId": "F7B5F773-EC27-475A-ADE3-E4A33D1DFA64", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r38:*:*:*:*:*:*", "matchCriteriaId": "60D7B24F-0075-4362-9F07-A0C55F07FA9F", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:fatpipeinc:mpvpn:-:*:*:*:*:*:*:*", "matchCriteriaId": "11AA0180-8172-4021-AADF-7BAB1CA1BA96", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:5.2.0:r34:*:*:*:*:*:*", "matchCriteriaId": "2779B6CB-CF0B-444A-A658-CB8D550FD147", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p26:*:*:*:*:*:*", "matchCriteriaId": "A8D0375A-3A01-445E-A95C-7E476CD4047E", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p45-m:*:*:*:*:*:*", "matchCriteriaId": "F9B63E36-32CA-4818-8BAC-5862188DFE6F", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p75-m:*:*:*:*:*:*", "matchCriteriaId": "8495282B-C4C3-44FE-8D6F-00AD59662A24", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:7.1.2:r39:*:*:*:*:*:*", "matchCriteriaId": "5A2CBBCD-5D2E-4349-889A-F3F20ABDC1A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r129:*:*:*:*:*:*", "matchCriteriaId": "18525C9D-D44D-4E0C-98A1-2389C257FFC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r144:*:*:*:*:*:*", "matchCriteriaId": "C4E22F42-D478-4E30-AD9C-50A4E799940B", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r150:*:*:*:*:*:*", "matchCriteriaId": "AD864580-CF91-412C-A62E-3E7252DF91FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r156:*:*:*:*:*:*", "matchCriteriaId": "A14E5ABD-D2D4-4758-B18B-3CA0323D9518", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p12:*:*:*:*:*:*", "matchCriteriaId": "C8EB1872-FE49-48EE-AF78-9373780F7D93", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p16:*:*:*:*:*:*", "matchCriteriaId": "B11060EA-6755-4FC3-A305-E944861EDDB4", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p17:*:*:*:*:*:*", "matchCriteriaId": "A20EF491-1355-4489-A839-69B46C70CC7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p2:*:*:*:*:*:*", "matchCriteriaId": "E4C0EABF-3D71-4EC9-B400-A4F043745B3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p20:*:*:*:*:*:*", "matchCriteriaId": "D99D631C-1596-4A7F-BF10-E69A1EB35C55", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p26:*:*:*:*:*:*", "matchCriteriaId": "7ECBD142-1C63-4FA1-BF2F-7DEE7730FC15", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p3:*:*:*:*:*:*", "matchCriteriaId": "645624F5-234D-4950-9385-7151C47C8621", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164:*:*:*:*:*:*", "matchCriteriaId": "C387783D-8402-46F2-AF87-73E8CD5BE097", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164p4:*:*:*:*:*:*", "matchCriteriaId": "040AF513-BC93-4B5F-A10A-915E4A711C1B", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164p5:*:*:*:*:*:*", "matchCriteriaId": "7688DC18-49BE-4F9C-A8B9-A5F84C093D17", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r165:*:*:*:*:*:*", "matchCriteriaId": "AF508B6C-23B7-444E-A9F4-400CA4D85431", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r180p2:*:*:*:*:*:*", "matchCriteriaId": "1E80C09C-42A5-4AD2-9DEA-EB64AED72246", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r185:*:*:*:*:*:*", "matchCriteriaId": "05E59433-8420-451C-AA76-78AF013F7AFA", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p10:*:*:*:*:*:*", "matchCriteriaId": "7A480CA1-79C6-43C3-B142-BD30FE00EA95", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p13:*:*:*:*:*:*", "matchCriteriaId": "36582BDF-9829-495C-A027-9F0F1DE78093", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p32:*:*:*:*:*:*", "matchCriteriaId": "66D454E0-7E23-494C-BBCB-D56FF3FAD754", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p35:*:*:*:*:*:*", "matchCriteriaId": "2B577293-9B56-44A5-A91C-8B2D885B0B7D", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p45:*:*:*:*:*:*", "matchCriteriaId": "76EC4FBC-48B9-46A7-93D6-F6812A25CC1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p55:*:*:*:*:*:*", "matchCriteriaId": "143AAD4E-163B-4D30-9A5B-2ED6A48681C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p58:*:*:*:*:*:*", "matchCriteriaId": "1820F183-B5D5-4828-93D7-CEC6B7FE0176", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p58s1:*:*:*:*:*:*", "matchCriteriaId": "F8D59DA4-8DF8-46D2-A77C-7785BD253168", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p65:*:*:*:*:*:*", "matchCriteriaId": "1D7E2B2B-798F-4A39-BA9E-FAD53AC561D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p71:*:*:*:*:*:*", "matchCriteriaId": "B418905D-675D-4E3D-840F-45F2C3FF1855", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p82:*:*:*:*:*:*", "matchCriteriaId": "BB2984C2-9C12-4926-BF31-AE064AAE9F45", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r10:*:*:*:*:*:*", "matchCriteriaId": "2F614A03-CAF0-43EB-BAF4-E0A9EA1CF522", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r25:*:*:*:*:*:*", "matchCriteriaId": "8068BA02-8996-436D-B9DF-373AECF61A45", "vulnerable": true }, { "criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r38:*:*:*:*:*:*", "matchCriteriaId": "C56FE165-AFA7-4E47-9BB3-3326086D5C45", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:fatpipeinc:warp:-:*:*:*:*:*:*:*", "matchCriteriaId": "F56A62D9-6FE7-4062-9D83-75BFE14A0E83", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker to download a configuration archive. The attacker needs to know or correctly guess the hostname of the target system since the hostname is used as part of the configuration archive file name. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this vulnerability is FPSA003." }, { "lang": "es", "value": "Una vulnerabilidad de falta de autorizaci\u00f3n en la interfaz de administraci\u00f3n web del software FatPipe WARP, IPVPN y MPVPN versiones anteriores a 10.1.2r60p91 y 10.2.2r42, permite a un atacante remoto no autenticado descargar un archivo de configuraci\u00f3n. El atacante necesita conocer o adivinar correctamente el nombre de host del sistema de destino, ya que el nombre de host es usado como parte del nombre del archivo de configuraci\u00f3n. Las versiones m\u00e1s antiguas del software FatPipe tambi\u00e9n pueden ser vulnerables. El identificador de asesoramiento de FatPipe para esta vulnerabilidad es FPSA003" } ], "id": "CVE-2021-27857", "lastModified": "2024-11-21T05:58:39.150", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "cret@cert.org", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-15T20:15:08.057", "references": [ { "source": "cret@cert.org", "tags": [ "Vendor Advisory" ], "url": "https://www.fatpipeinc.com/support/cve-list.php" }, { "source": "cret@cert.org", "tags": [ "Third Party Advisory" ], "url": "https://www.zeroscience.mk/codes/fatpipe_configdl.txt" }, { "source": "cret@cert.org", "tags": [ "Third Party Advisory" ], "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.fatpipeinc.com/support/cve-list.php" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.zeroscience.mk/codes/fatpipe_configdl.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php" } ], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-862" } ], "source": "cret@cert.org", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-862" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.