Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-27372

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-25 Mar, 2021 | 21:31
Updated At-03 Aug, 2024 | 20:48
Rejected At-
Credits

Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:25 Mar, 2021 | 21:31
Updated At:03 Aug, 2024 | 20:48
Rejected At:
▼CVE Numbering Authority (CNA)

Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.realtek.com/images/safe-report/RTL9601D_CVE-2021-27372.pdf
x_refsource_MISC
Hyperlink: https://www.realtek.com/images/safe-report/RTL9601D_CVE-2021-27372.pdf
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.realtek.com/images/safe-report/RTL9601D_CVE-2021-27372.pdf
x_refsource_MISC
x_transferred
Hyperlink: https://www.realtek.com/images/safe-report/RTL9601D_CVE-2021-27372.pdf
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:25 Mar, 2021 | 22:15
Updated At:30 Mar, 2021 | 20:30

Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Realtek Semiconductor Corp.
realtek
>>xpon_rtl9601d_software_development_kit>>1.9
cpe:2.3:a:realtek:xpon_rtl9601d_software_development_kit:1.9:*:*:*:*:*:*:*
Realtek Semiconductor Corp.
realtek
>>xpon_rtl9601d>>-
cpe:2.3:h:realtek:xpon_rtl9601d:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-522Primarynvd@nist.gov
CWE ID: CWE-522
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.realtek.com/images/safe-report/RTL9601D_CVE-2021-27372.pdfcve@mitre.org
Vendor Advisory
Hyperlink: https://www.realtek.com/images/safe-report/RTL9601D_CVE-2021-27372.pdf
Source: cve@mitre.org
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

105Records found
CVE-2021-30116
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-10||CRITICAL
EPSS-18.05% / 94.92%
||
7 Day CHG~0.00%
Published-09 Jul, 2021 | 00:00
Updated-30 Jul, 2025 | 01:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.
Unauthenticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6

Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. By default Kaseya VSA on premise offers a download page where the clients for the installation can be downloaded. The default URL for this page is https://x.x.x.x/dl.asp When an attacker download a client for Windows and installs it, the file KaseyaD.ini is generated (C:\Program Files (x86)\Kaseya\XXXXXXXXXX\KaseyaD.ini) which contains an Agent_Guid and AgentPassword This Agent_Guid and AgentPassword can be used to log in on dl.asp (https://x.x.x.x/dl.asp?un=840997037507813&pw=113cc622839a4077a84837485ced6b93e440bf66d44057713cb2f95e503a06d9) This request authenticates the client and returns a sessionId cookie that can be used in subsequent attacks to bypass authentication. Security issues discovered --- * Unauthenticated download page leaks credentials * Credentials of agent software can be used to obtain a sessionId (cookie) that can be used for services not intended for use by agents * dl.asp accepts credentials via a GET request * Access to KaseyaD.ini gives an attacker access to sufficient information to penetrate the Kaseya installation and its clients. Impact --- Via the page /dl.asp enough information can be obtained to give an attacker a sessionId that can be used to execute further (semi-authenticated) attacks against the system.

Action-Not Available
Vendor-kaseyan/aKaseya
Product-vsa_agentvsa_servern/aVirtual System/Server Administrator (VSA)
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2021-30167
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-3.02% / 86.08%
||
7 Day CHG~0.00%
Published-28 Apr, 2021 | 09:30
Updated-17 Sep, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Broken Authentication

The manage users profile services of the network camera device allows an authenticated. Remote attackers can modify URL parameters and further amend user’s information and escalate privileges to control the devices.

Action-Not Available
Vendor-meritlilinMERIT LILIN ENT.CO.,LTD.
Product-p2g1022x_firmwarep2r8822e4_firmwarep3r6322e2_firmwarez2r6422ax-pz3r6422x3z2r6452ax-pp3r8822e2z2r8152x2-p_firmwarep2r6522e2_firmwarez2r8852ax_firmwarep2r6822e2p2g1022z2r8152x-pp3r6522e2_firmwarez2r6522xz2r8152x2-pp2r6852e4p2g1022_firmwarep2r8852e2z2r6422axz3r8922x3p2r6322ae2p2r6852e2_firmwarep2r6522e4p2r6352ae2_firmwarez2r8852axp2r8852e4_firmwarep2r6322ae2_firmwarez2r8822ax_firmwarez2r6522x_firmwarep2g1022xz3r6422x3_firmwarep2r6522e2z2r8122x2-pp2r6822e4p2r6552e4_firmwarez2r8022ex25z2r8052ex25z2r8822axp2r8822e2p2r6552e2z2r8122x-p_firmwarez2r6422ax-p_firmwarep2r6552e2_firmwarez2r6422ax_firmwarep2r6352ae4_firmwarez2r6552xp2r8852e2_firmwarez2r6552x_firmwarez2r8152x-p_firmwarez2r6452axp2r3052ae2_firmwarep2g1052_firmwarez2r8122x-pp2r6852e2p2r3022ae2_firmwarep2r3052ae2p2r6322ae4_firmwarep3r6322e2p2r6822e2_firmwarep2r8822e2_firmwarez2r6452ax_firmwarep2r6352ae2z2r8022ex25_firmwarep2r6322ae4p2r3022ae2p3r6522e2z3r6522xp2r8822e4p2r6852e4_firmwarep2r6552e4z3r6522x_firmwarep3r8822e2_firmwarep2g1052p2r8852e4z2r8122x2-p_firmwarep2r6822e4_firmwarep2r6522e4_firmwarez2r6452ax-p_firmwarez3r8922x3_firmwarep2r6352ae4z2r8052ex25_firmwareP2/Z2/P3/Z3 IP camera firmware
CWE ID-CWE-522
Insufficiently Protected Credentials
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2022-32520
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-8||HIGH
EPSS-0.16% / 37.69%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32518. Affected Products: Data Center Expert (Versions prior to V7.9.0)

Action-Not Available
Vendor-Schneider Electric SE
Product-data_center_expertData Center Expert
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-32518
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-8||HIGH
EPSS-0.16% / 37.69%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 00:00
Updated-05 Feb, 2025 | 20:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32520. Affected Products: Data Center Expert (Versions prior to V7.9.0)

Action-Not Available
Vendor-Schneider Electric SE
Product-data_center_expertData Center Expert
CWE ID-CWE-522
Insufficiently Protected Credentials
CVE-2022-35411
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-70.89% / 98.64%
||
7 Day CHG~0.00%
Published-08 Jul, 2022 | 18:07
Updated-03 Aug, 2024 | 09:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.

Action-Not Available
Vendor-rpc.py_projectn/a
Product-rpc.pyn/a
CWE ID-CWE-522
Insufficiently Protected Credentials
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found