Skip to main content

Ecs Router Controller Ecs Firmware CVE-2021-41290

CRITICAL
Unrestricted Upload of File with Dangerous Type (CWE-434)
2021-09-30 twcert@cert.org.tw
9.8
CVSS 3.1 · Vendor: cert
Share

Severity by source

Vendor (cert) PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (cert) · only source for this CVE.

CVSS VectorVendor: cert

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 30, 2021 - 11:15 cve.org
CRITICAL 9.8

DescriptionCVE.org

ECOA BAS controller suffers from an arbitrary file write and path traversal vulnerability. Using the POST parameters, unauthenticated attackers can remotely set arbitrary values for location and content type and gain the possibility to execute arbitrary code on the affected device.

AnalysisAI

ECOA BAS controller suffers from an arbitrary file write and path traversal vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Unrestricted File Upload (CWE-434), which allows attackers to upload malicious files that can be executed on the server. ECOA BAS controller suffers from an arbitrary file write and path traversal vulnerability. Using the POST parameters, unauthenticated attackers can remotely set arbitrary values for location and content type and gain the possibility to execute arbitrary code on the affected device. Affected products include: Ecoa Ecs Router Controller-Ecs Firmware, Ecoa Riskbuster Firmware, Ecoa Riskterminator.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate file types server-side, store uploads outside webroot, use random filenames, scan for malware.

CVE-2021-41293 HIGH POC
7.5 Sep 30

ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files disclosure. Rated high severity

CVE-2021-41291 HIGH POC
7.5 Sep 30

ECOA BAS controller suffers from a path traversal content disclosure vulnerability. Rated high severity (CVSS 7.5), this

CVE-2021-41301 CRITICAL
9.8 Sep 30

ECOA BAS controller is vulnerable to configuration disclosure when direct object reference is made to the specific files

CVE-2021-41300 CRITICAL
9.8 Sep 30

ECOA BAS controller’s special page displays user account and passwords in plain text, thus unauthenticated attackers can

CVE-2021-41299 CRITICAL
9.8 Sep 30

ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image, thus remote attackers c

CVE-2021-41296 CRITICAL
9.8 Sep 30

ECOA BAS controller uses weak set of default administrative credentials that can be easily guessed in remote password at

CVE-2021-41294 CRITICAL
9.1 Sep 30

ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files deletion. Rated critical severi

CVE-2021-41292 CRITICAL
9.1 Sep 30

ECOA BAS controller suffers from an authentication bypass vulnerability. Rated critical severity (CVSS 9.1), this vulner

CVE-2021-41298 HIGH
8.8 Sep 30

ECOA BAS controller is vulnerable to insecure direct object references that occur when the application provides direct a

CVE-2021-41297 HIGH
8.8 Sep 30

ECOA BAS controller is vulnerable to weak access control mechanism allowing authenticated user to remotely escalate priv

CVE-2021-41295 HIGH
8.8 Sep 30

ECOA BAS controller has a Cross-Site Request Forgery vulnerability, thus authenticated attacker can remotely place a for

CVE-2021-41302 HIGH
7.3 Sep 30

ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the unauthenticated attacker can remotely

Share

CVE-2021-41290 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy