Eibport Firmware
CVE-2021-28911
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data (e.g. device serial number). Having those info, a possible loginId can be self-calculated in a brute force attack against BMX interface. This is usable and part of an attack chain to gain SSH root access.
AnalysisAI
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data (e.g. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-307. BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /tmp path which contains some sensitive data (e.g. device serial number). Having those info, a possible loginId can be self-calculated in a brute force attack against BMX interface. This is usable and part of an attack chain to gain SSH root access. Affected products include: Bab-Technologie Eibport Firmware. Version information: version 3.9.1.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Eibport Firmware
View allBAB TECHNOLOGIE GmbH eibPort V3 prior to 3.8.3 devices allow denial of service (Uncontrolled Resource Consumption) via r
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to v
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers to access uncontrolled the login ser
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 contains basic SSRF vulnerability. Rated high severity (CVSS 7.5), t
BAB TECHNOLOGIE GmbH eibPort V3. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack
BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow the user to set a weak password because the strength is shown
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today