Multiple vulnerabilities in Siemens SCALANCE W1750D
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2021-37727 CVE-2021-37730 CVE-2021-37734 |
| CWE-ID | CWE-78 CWE-22 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SCALANCE W1750D Hardware solutions / Firmware |
| Vendor | Siemens |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) OS Command Injection
EUVDB-ID: #VU57132
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-37727
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated user to escalate privileges on the system.
The vulnerability exists due to improper input validation in the command line interface. A remote privileged user can pass specially crafted data to the application and execute arbitrary OS commands on the system.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSCALANCE W1750D: 8.7.1.3
CPE2.3- cpe:2.3:h:siemens:scalance_w1750d:*:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w1750d:8.7.1.3:*:*:*:*:*:*:*
https://cert-portal.siemens.com/productcert/txt/ssa-917476.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) OS Command Injection
EUVDB-ID: #VU57133
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-37730
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
Description
The vulnerability allows a remote authenticated user to escalate privileges on the system.
The vulnerability exists due to improper input validation in the command line interface. A remote privileged user can pass specially crafted data to the application and execute arbitrary OS commands on the system.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSCALANCE W1750D: 8.7.1.3
CPE2.3- cpe:2.3:h:siemens:scalance_w1750d:*:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w1750d:8.7.1.3:*:*:*:*:*:*:*
https://cert-portal.siemens.com/productcert/txt/ssa-917476.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Path traversal
EUVDB-ID: #VU57135
Risk: Low
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-37734
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences in the instant command line interface. A remote privileged user can view contents of arbitrary files on the system.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsSCALANCE W1750D: 8.7.1.3
CPE2.3- cpe:2.3:h:siemens:scalance_w1750d:*:*:*:*:*:*:*:*
- cpe:2.3:h:siemens:scalance_w1750d:8.7.1.3:*:*:*:*:*:*:*
https://cert-portal.siemens.com/productcert/txt/ssa-917476.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
