CVE-2021-27447
published 2021-12-21CVE-2021-27447: Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.
PriorityP264critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
2.30%
81.1th percentile
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mesa_labs | amegaview | unspecified – 3.0 | — |
| mesalabs | amegaview | <= 3.0 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →CVE-2021-27447 is a command injection (CWE-77) in Mesa Labs AmegaView version 3.0 and prior, exploitable remotely with no authentication required (CVSS 10.0: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) — monitor for unexpected OS command execution originating from the AmegaView web interface process. ↗
- →A related vulnerability (CVE-2021-27453) involves default cookies that can be set to bypass authentication to the AmegaView web application — inspect HTTP requests to AmegaView for use of known default cookie values. ↗
- →A related vulnerability (CVE-2021-27449) is a second command injection exploitable by a low-privileged user in the AmegaView web server (CVSS 9.9: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H) — monitor web server logs for anomalous command-like input from authenticated sessions. ↗
- ·No known public exploits specifically target these vulnerabilities at time of advisory publication. ↗
- ·MesaLabs does not plan to release a patch; AmegaView is scheduled for end-of-life at end of 2021. Detection efforts should focus on network isolation and monitoring rather than expecting a vendor fix. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
MesaLabs AmegaView
cisa_ics·2021-05-27·CVSS 10.0
[CRITICAL] MesaLabs AmegaView
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
MesaLabs AmegaView
Last RevisedMay 27, 2021
Alert CodeICSA-21-147-03
## 1. EXECUTIVE SUMMARY
- CVSS v3 10.0
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Mesa Labs
- Equipment: AmegaView
- Vulnerabilities: Command Injection, Improper Authentication, Authentication Bypass Using an Alternate Path or Channel, Improper Privilege Management
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow remote code execution or allow access to the device.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of AmegaVi
GHSA
GHSA-c5wx-4cqq-ff6w: Mesa Labs AmegaView version 3
ghsa_unreviewed·2021-12-22
CVE-2021-27447 [CRITICAL] CWE-77 GHSA-c5wx-4cqq-ff6w: Mesa Labs AmegaView version 3
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-12-21
Published