CVE-2021-45876 - OpenCVE

Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Garo	Wallbox Glb Wallbox Glb Firmware Wallbox Gtb Wallbox Gtb Firmware Wallbox Gtc Wallbox Gtc Firmware

Configuration 1 [-]

AND

cpe:2.3:h:garo:wallbox_gtb:-:*:*:*:*:*:*:*

cpe:2.3:o:garo:wallbox_gtb_firmware:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:garo:wallbox_gtc:-:*:*:*:*:*:*:*

cpe:2.3:o:garo:wallbox_gtc_firmware:*:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:h:garo:wallbox_glb:-:*:*:*:*:*:*:*

cpe:2.3:o:garo:wallbox_glb_firmware:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/delikely/advisory/tree/main/GARO

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-03-21T10:27:40

Updated: 2024-08-04T04:54:31.089Z

Reserved: 2021-12-27T00:00:00

Link: CVE-2021-45876

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-03-21T11:15:10.620

Modified: 2022-03-28T17:04:59.407

Link: CVE-2021-45876

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-03-21T10:27:40", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/delikely/advisory/tree/main/GARO"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-45876", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/delikely/advisory/tree/main/GARO", "refsource": "MISC", "url": "https://github.com/delikely/advisory/tree/main/GARO"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T04:54:31.089Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/delikely/advisory/tree/main/GARO"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-45876", "datePublished": "2022-03-21T10:27:40", "dateReserved": "2021-12-27T00:00:00", "dateUpdated": "2024-08-04T04:54:31.089Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:garo:wallbox_gtb:-:*:*:*:*:*:*:*", "matchCriteriaId": "2954CEA4-F30C-4BED-AAA2-49D6966A2760", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:garo:wallbox_gtb_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "62C49B04-6ADF-43DC-97FA-B17BC7C2611B", "versionEndIncluding": "185", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:garo:wallbox_gtc:-:*:*:*:*:*:*:*", "matchCriteriaId": "27B3EFDD-F075-4175-8BD2-F09F87E8AEFA", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:garo:wallbox_gtc_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8AE5290A-84F0-4A08-AA34-57F1B5DD1689", "versionEndIncluding": "185", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:garo:wallbox_glb:-:*:*:*:*:*:*:*", "matchCriteriaId": "184D4B15-74BD-415A-9A48-7EE08BC52EDE", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:garo:wallbox_glb_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C7E90C76-CB8A-4002-A140-F7EA9023A4F4", "versionEndIncluding": "185", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an command Injection. Unfiltered user input is used to generate code which then gets executed when downloading new firmware."}, {"lang": "es", "value": "M\u00faltiples versiones de GARO Wallbox GLB/GTB/GTC est\u00e1n afectadas por la inyecci\u00f3n de comandos no autenticados. El par\u00e1metro url del m\u00f3dulo de funci\u00f3n downloadAndUpdate es vulnerable a una inyecci\u00f3n de comando. La entrada del usuario no filtrada es usada para generar c\u00f3digo que luego es ejecutado cuando es descargado un nuevo firmware"}], "id": "CVE-2021-45876", "lastModified": "2022-03-28T17:04:59.407", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-03-21T11:15:10.620", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/delikely/advisory/tree/main/GARO"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}]}