CVE-2021-35225
published 2021-10-21CVE-2021-35225: Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers…
PriorityP432medium6.4CVSS 3.1
AVNACLPRLUINSCCLILAN
EPSS
0.82%
52.5th percentile
Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cross-contamination.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| solarwinds | network_performance_monitor | <= 2020.2.6 | — |
| solarwinds | network_performance_monitor | — | — |
| solarwinds | npm | >= 2020.2.6 Hotfix 1 and previous versions < 2020.2.6 Hotfix 2 | 2020.2.6 Hotfix 2 |
CVSS provenance
nvdv3.16.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
nvdv2.05.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x000a (CVE-2020-35225)
suricata·2021-03-11·CVSS 6.8
CVE-2020-35226 [MEDIUM] ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x000a (CVE-2020-35225)
ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x000a (CVE-2020-35225)
Rule: alert udp $HOME_NET any -> any 60000: (msg:"ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x000a (CVE-2020-35225)"; content:"|00 1a 00|"; startswith; content:"|00 0a|"; content:"|ff|"; distance:1; within:1; content:"|ff ff 00 00|"; endswith; fast_pattern; reference:url,research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/; reference:cve,2020-35226; classtype:attempted-admin; sid:2031945; rev:1; metadata:attack_target Networking_Equipment, created_at 2021_03_11, cve CVE_2020_35225, deployment Perimeter, deployment Internal, confidence Low, signature_severity Major, tag Description_Gen
Suricata
ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0003 (CVE-2020-35225)
suricata·2021-03-11·CVSS 6.8
CVE-2020-35226 [MEDIUM] ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0003 (CVE-2020-35225)
ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0003 (CVE-2020-35225)
Rule: alert udp $HOME_NET any -> any 60000: (msg:"ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0003 (CVE-2020-35225)"; content:"|00 1a 00|"; startswith; content:"|00 03|"; content:"|ff|"; distance:1; within:1; content:"|ff ff 00 00|"; endswith; fast_pattern; reference:url,research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/; reference:cve,2020-35226; classtype:attempted-admin; sid:2031943; rev:1; metadata:attack_target Networking_Equipment, created_at 2021_03_11, cve CVE_2020_35225, deployment Perimeter, deployment Internal, confidence Low, signature_severity Major, tag Description_Gen
Suricata
ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0005 (CVE-2020-35225)
suricata·2021-03-11·CVSS 6.8
CVE-2020-35226 [MEDIUM] ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0005 (CVE-2020-35225)
ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0005 (CVE-2020-35225)
Rule: alert udp $HOME_NET any -> any 60000: (msg:"ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer Overflow Attempt - 0x0005 (CVE-2020-35225)"; content:"|00 1a 00|"; startswith; content:"|00 05|"; content:"|ff|"; distance:1; within:1; content:"|ff ff 00 00|"; endswith; fast_pattern; reference:url,research.nccgroup.com/2021/03/08/technical-advisory-multiple-vulnerabilities-in-netgear-prosafe-plus-jgs516pe-gs116ev2-switches/; reference:cve,2020-35226; classtype:attempted-admin; sid:2031944; rev:1; metadata:attack_target Networking_Equipment, created_at 2021_03_11, cve CVE_2020_35225, deployment Perimeter, deployment Internal, confidence Low, signature_severity Major, tag Description_Gen
No public exploits indexed.
No writeups or analysis indexed.
https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htmhttps://support.solarwinds.com/SuccessCenter/s/article/NPM-2020-2-6-Hotfix-2?language=en_UShttps://www.solarwinds.com/trust-center/security-advisories/cve-2021-35225https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htmhttps://support.solarwinds.com/SuccessCenter/s/article/NPM-2020-2-6-Hotfix-2?language=en_UShttps://www.solarwinds.com/trust-center/security-advisories/cve-2021-35225
2021-10-21
Published