Rewterz Threat Advisory – CVE-2021-33195 – IBM App Connect Security Vulnerability
August 4, 2021
Rewterz Threat Alert – Remcos RAT – Active IOCs
August 4, 2021
Severity
High
Analysis Summary
CVE-2020-29011
Instances of SQL Injection vulnerabilities in FortiSandbox’s checksum search and MTA-quarantine modules may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted HTTP requests.
CVE-2021-24010
Improper limitation of a pathname to a restricted directory (CWE-22) vulnerabilities in FortiSandbox may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests.
CVE-2021-26096
Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments.
CVE-2021-24014
Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox may allow an unauthenticated attacker to perform an XSS attack via specifically crafted request parameters.
CVE-2021-32598
An improper neutralization of CRLF sequences in HTTP headers (‘HTTP Response Splitting’) vulnerability in the FortiManager and FortiAnalyzer GUI may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response.
CVE-2021-26104
Multiple OS command injection (CWE-78) vulnerabilities in the command line interface of FortiManager, FortiAnalyzer, and FortiPortal may allow a local authenticated and unprivileged user to execute arbitrary shell commands as root via specifically crafted CLI command parameters.
CVE-2021-32588
A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal may allow a remote and unauthenticated attacker to execute unauthorized commands as root by uploading and deploying malicious web application archive files using the default hard-coded Tomcat Manager username and password.
CVE-2021-32587
An improper access control vulnerability in the FortiManager and FortiAnalyzer GUI may allow a remote and authenticated attacker with a restricted user profile to retrieve the list of administrative users of other ADOMs and their related configuration.
CVE-2021-26097
An improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via specifically crafted HTTP requests.
CVE-2021-24006
An improper access control vulnerability in FortiManager may allow an authenticated attacker with a restricted user profile to access the SD-WAN Orchestrator panel by directly visiting its URL.
Impact
- Code Execution
- Privilege Escalation
- Cross-site Scripting
Affected Vendors
Fortinet
Affected Products
- FortiSandbox version 3.2.2 and earlier
- FortiSandbox version 3.1.4 and earlier
- FortiSandbox 3.2.2 and below
- FortiSandbox 3.1.4 and below
- FortiManager 7.0.0
- FortiManager 6.4.x
- FortiAnalyzer 5.6.x
- FortiAnalyzer versions 6.4.5 and below
- FortiAnalyzer versions 5.6.x
- FortiPortal version 5.3.5 and below
- FortiPortal 5.0.x
- FortiPortal 5.1.x
- FortiManager versions 6.2 and below are NOT impacted
Remediation
- For CVE-2020-29011: https://www.fortiguard.com/psirt/FG-IR-20-171
Upgrade to FortiSandbox version 3.2.2 or later.
Upgrade to FortiSandbox version 3.1.5 or later.
- For CVE-2021-24010: https://www.fortiguard.com/psirt/FG-IR-20-202
Upgrade to FortiSandbox version 4.0.0 or above.
Upgrade to FortiSandbox version 3.2.3 or above.
Upgrade to FortiSandbox version 3.1.5 or above.
- For CVE-2021-26096: https://www.fortiguard.com/psirt/FG-IR-20-188
Upgrade to FortiSandbox 4.0.0.
Upgrade to FortiSandbox 3.2.3.
- For CVE-2021-24014: https://www.fortiguard.com/psirt/FG-IR-20-209
Upgrade to version 4.0.0 or above.
Upgrade to version 3.2.3 or above.
- For CVE-2021-32598: https://www.fortiguard.com/psirt/FG-IR-21-063
Upgrade to FortiManager version 7.0.1 or above.
Upgrade to FortiManager version 6.4.6 or above.
Upgrade to FortiAnalyzer version 7.0.1 or above.
Upgrade to FortiAnalyzer version 6.4.6 or above.
- For CVE-2021-26104: https://www.fortiguard.com/psirt/FG-IR-21-037
Please upgrade to FortiManager version 6.2.8 or above.
Please upgrade to FortiManager version 6.4.6 or above.
Please upgrade to FortiManager version 7.0.0 or above.
Please upgrade to FortiAnalyzer version 6.2.8 or above.
Please upgrade to FortiAnalyzer version 6.4.6 or above.
Please upgrade to FortiAnalyzer version 7.0.0 or above.
Please upgrade to FortiPortal version 5.2.6 or above.
Please upgrade to FortiPortal version 5.3.6 or above.
Please upgrade to FortiPortal version 6.0.5 or above.
- For CVE-2021-32588: https://www.fortiguard.com/psirt/FG-IR-21-077
Please upgrade to FortiPortal version 5.2.6 or above.
Please upgrade to FortiPortal version 5.3.6 or above.
Please upgrade to FortiPortal version 6.0.5 or above.
- For CVE-2021-32587: https://www.fortiguard.com/psirt/FG-IR-21-059
Upgrade to FortiManager version 7.0.1 or above.
Upgrade to FortiManager version 6.4.6 or above.
Upgrade to FortiAnalyzer version 7.0.1 or above.
Upgrade to FortiAnalyzer version 6.4.6 or above.
- For CVE-2021-26097: https://www.fortiguard.com/psirt/FG-IR-20-198
Upgrade to FortiSandbox 4.0.0 or above.
Upgrade to FortiSandbox 3.2.3 or above.
Upgrade to FortiSandbox 3.1.5 or above.
Upgrade to FortiSandbox 3.0.7 or above.
- For CVE-2021-24006: https://www.fortiguard.com/psirt/FG-IR-20-061
Please upgrade to FortiManager version 6.4.4 or above.