CVE-2024-5421
published 2024-06-04CVE-2024-5421: Missing input validation and OS command integration of the input in the utnserver Pro, utnserver ProMAX, INU-100 web-interface allows authenticated command…
PriorityP261high8.7CVSS 4.0
AVNACLATNPRLUINVCHVIHVAHSCNSINSALEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EXPLOIT
EPSS
3.69%
88.3th percentile
Missing input validation and OS command integration of the input in the utnserver Pro, utnserver ProMAX, INU-100 web-interface allows authenticated command injection.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| seh_computertechnik | inu-100 | <= 20.1.22 | — |
| seh_computertechnik | utnserver_pro | <= 20.1.22 | — |
| seh_computertechnik | utnserver_promax | <= 20.1.22 | — |
Detection & IOCsextracted from sources · hover to see the quote
url/info/dir?/
othershodan-query: "SEH HTTP Server"
- →HTTP GET request to /info/dir?/ path is the exploit trigger for the file disclosure vulnerability
- →Response body contains '/var/tmp', 'File System Info', and 'face="courier' when exploitation is successful
- →HTTP 200 status code is expected on successful exploitation of the file disclosure endpoint
- →Shodan fingerprint 'SEH HTTP Server' can be used to identify exposed vulnerable devices on the internet
- ·Authentication is required to exploit this vulnerability; unauthenticated access will not trigger the file disclosure ↗
- ·Affected versions are 20.1.22 and below; devices running later versions are not vulnerable ↗
- ·The NVD description characterises this as an OS command injection (CWE-78), while the Nuclei template and exploit PoC demonstrate it as a file/directory disclosure — both attack surfaces exist in the same version ↗
CVSS provenance
nvdv4.08.7HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vendor_oracle6.5MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8pqj-vj9j-2jf2: Missing input validation and OS command integration of the input in the utnserver Pro, utnserver ProMAX, INU-100 web-interface allows authenticated co
ghsa_unreviewed·2024-06-04
CVE-2024-5421 CWE-78 GHSA-8pqj-vj9j-2jf2: Missing input validation and OS command integration of the input in the utnserver Pro, utnserver ProMAX, INU-100 web-interface allows authenticated co
Missing input validation and OS command integration of the input in the utnserver Pro, utnserver ProMAX, INU-100 web-interface allows authenticated command injection.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.
Oracle
Oracle Oracle Fusion Middleware Risk Matrix: Third Party (Spring Framework) — CVE-2020-5421
vendor_oracle·2024-01-15·CVSS 6.5
CVE-2020-5421 [MEDIUM] Oracle Oracle Fusion Middleware Risk Matrix: Third Party (Spring Framework) — CVE-2020-5421
Oracle Oracle Fusion Middleware Risk Matrix: Third Party (Spring Framework) vulnerability
CVE: CVE-2020-5421
CVSS: 6.5
Protocol: HTTP
Remote exploit: No
Affected versions: Network
Advisory: cpujan2024 (JAN 2024)
No detection rules found.
Nuclei
SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure
nuclei·CVSS 8.7
CVE-2024-5421 [HIGH] SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure
SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure
A vulnerability was identified in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, impacting the file handling functions. This flaw results in authenticated file disclosure, granting unauthorized access to sensitive files and directories. Although authentication is required, the vulnerability poses a significant risk of data exposure. This vulnerability is publicly disclosed and identified as CVE-2024-5421.
Template:
id: CVE-2024-5421
info:
name: SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure
author: bl4ckp4r4d1s3
severity: high
description: |
A vulnerability was identified in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, impacting the file handling functions. This fl
No writeups or analysis indexed.
2024-06-04
Published