当前位置:网站首页>Serious security vulnerabilities reported by moxa mxview network management software
Serious security vulnerabilities reported by moxa mxview network management software
2022-07-03 02:40:00 【Khan security team】
Some effects have been disclosed Moxa MXview be based on Web Technical details of the security vulnerability of the network management system , Some of them may be linked by unauthenticated attackers , To achieve remote code execution on unpatched servers .
Claroty Security researcher Noam Moshe In a report released this week , These five security vulnerabilities “ May allow remote 、 An unauthenticated attacker executes code on the host with the highest available privileges :NT AUTHORITY\SYSTEM” .
Moxa MXview Designed to configure 、 Designed to monitor and diagnose network equipment in Industrial Networks . These affect network management software 3.x to 3.2.2 The defect of the version is 2021 year 10 After the coordinated disclosure process in January, it will be in 3.2.4 Or later .
“ Successful exploitation of these vulnerabilities may allow attackers to create or overwrite critical files to execute code 、 Access program 、 Obtain the credentials 、 Disable Software 、 Read and modify other inaccessible data 、 Allow remote connection to internal communication channels or interaction and remote use MQTT,” U.S. cybersecurity and Infrastructure Security Agency (CISA) In an announcement, it said .
MQTT It refers to a message passing protocol that promotes remote asynchronous communication , Support in MXview Messages are transferred between different components in the environment .
The list of defects is as follows ——
- CVE-2021-38452(CVSS score :7.5)- Path traversal vulnerability in applications , Allow access to or overwrite key files used to execute code
- CVE-2021-38454(CVSS fraction :10.0)- Allow remote connections to MQTT Misconfigured service , Thus, it can interact and use communication channels remotely
- CVE-2021-38456(CVSS fraction :9.8)- Use hard coded passwords
- CVE-2021-38458(CVSS fraction :9.8)- Improper neutralization of special elements , It may cause unauthorized commands to be executed remotely
- CVE-2021-38460(CVSS fraction :7.5)- Password disclosure cases that may allow attackers to obtain credentials
The above three vulnerabilities ——CVE-2021-38452、CVE-2021-38454 and CVE-2021-38458 Can be strung together , In vulnerable areas with system privileges MXView Implement pre validated remote code execution on the instance .
stay Claroty In the hypothetical attack scenario designed ,CVE-2021-38452 May be abused , By reading the configuration file gateway-upper.ini To get plain text MQTT password , And then use it CVE-2021-38454 Inject hooligans MQTT news , The command injection on the server triggers code execution .
“ The attacker directed at MQTT The agent injects malicious messages , Bypass all input validation performed by the server , And pass OS Command injection vulnerability enables arbitrary remote code execution ,”Moshe explains .
边栏推荐
- Cvpr2022 remove rain and fog
- The sandbox explains its vision for the meta universe platform
- GBase 8c系统表-pg_authid
- 【Flutter】shared_ Preferences local storage (introduction | install the shared_preferences plug-in | use the shared_preferences process)
- [fluent] listview list (map method description of list set | vertical list | horizontal list | code example)
- leetcode540
- Random Shuffle attention
- HTB-Devel
- [fluent] futurebuilder asynchronous programming (futurebuilder construction method | asyncsnapshot asynchronous calculation)
- Apple releases MacOS 11.6.4 update: mainly security fixes
猜你喜欢
Awk from introduction to earth (0) overview of awk
Basic operation of binary tree (C language version)
oauth2.0鉴权,登录访问 “/oauth/token”,请求头Authorization(basicToken)如何取值???
Summary of interview project technology stack
Practice of traffic recording and playback in vivo
A2L file parsing based on CAN bus (2)
Check log4j problems using stain analysis
内存池(内核角度理解new开辟空间的过程)
Choose it when you decide
Random shuffle note
随机推荐
QT qcombobox add qccheckbox (drop-down list box insert check box, including source code + comments)
【ROS进阶篇】第六讲 ROS中的录制与回放(rosbag)
The use of Flink CDC mongodb and the implementation of Flink SQL parsing complex nested JSON data in monggo
A2L file parsing based on CAN bus (2)
What is the way out for children from poor families?
搭建私有云盘 cloudreve
GBase 8c系统表-pg_class
Interview stereotyped version
Gbase 8C function / stored procedure parameters (I)
Counter统计数量后,如何返回有序的key
Basic operation of binary tree (C language version)
The Linux server needs to install the agent software EPS (agent) database
Restcloud ETL cross database data aggregation operation
GBase 8c系统表-pg_auth_members
《MATLAB 神经网络43个案例分析》:第43章 神经网络高效编程技巧——基于MATLAB R2012b新版本特性的探讨
HTB-Devel
【教程】chrome关闭跨域策略cors、samesite,跨域带上cookie
easyPOI
Producer consumer model based on thread pool (including blocking queue)
Matlab tips (24) RBF, GRNN, PNN neural network