CVE-2021-1531
Published: 2021-05-22
Priority: P2 · 72 · high · 8.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EPSS: 30.49% (98.0th percentile)
A vulnerability in the web UI of Cisco Modeling Labs could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the web application on the underlying operating system of an affected Cisco Modeling Labs server. This vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected server. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the web application, virl2, on the underlying operating system of the affected server. To exploit this vulnerability, the attacker must have valid user credentials on the web UI.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_modeling_labs | — | — |
| cisco | modeling_labs | — | — |
| cisco | modeling_labs | — | — |
| cisco | modeling_labs | — | — |
| cisco | modeling_labs | — | — |
| cisco | modeling_labs | — | — |
| cisco | modeling_labs | — | — |
| cisco | modeling_labs | — | — |
Detection & IOCs
- Exploit vector is a crafted HTTP request to the Cisco Modeling Labs web UI; monitor for anomalous or malformed HTTP requests targeting the CML web interface from authenticated sessions.
- Commands executed on the underlying OS will run under the 'virl2' process/user account; alert on unexpected process execution or OS commands spawned by the virl2 web application user.
- Root cause is CWE-88 (Argument Injection); focus detection on user-supplied input fields in the CML web UI that may be passed unsanitized to OS-level commands (argument injection pattern).
- Exploitation requires valid authenticated credentials; investigate authenticated sessions that subsequently trigger unexpected system-level activity as a post-authentication abuse pattern.
- No workarounds are available for this vulnerability; patching via Cisco software updates is the only remediation path.
- The vulnerability is tracked under Cisco Bug ID CSCvx78835; use this identifier when querying Cisco's bug tracker or PSIRT feeds for patch status.
CVSS provenance
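| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 9.0 | CRITICAL | AV:N/AC:L/Au:S/C:C/I:C/A:C |
| vendor_cisco | — | 8.8 | HIGH | — |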
GHSA
GHSA-m74m-f2xh-459p · ghsa_unreviewed · 2022-05-24
CVE-2021-1531 [HIGH] CWE-88
Cisco
Cisco Modeling Labs Web UI Command Injection Vulnerability
vendor_cisco · 2021-05-19 · CVSS 8.8
CVE-2021-1531 [HIGH] CWE-88
A vulnerability in the web UI of Cisco Modeling Labs could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the web application on the underlying operating system of an affected Cisco Modeling Labs server.
This vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected server. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the web application, virl2, on the underlying operating system of the affected server. To exploit this vulnerability, the attacker must have valid user credentials on the web UI.
Cisco has released
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
- http://packetstormsecurity.com/files/163265/Cisco-Modeling-Labs-2.1.1-b19-Remote-Command-Execution.html
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cml-cmd-inject-N4VYeQXB
2021-05-22
Published