CVE-2021-20121 (GCVE-0-2021-20121)

Vulnerability from cvelistv5 – Published: 2021-10-11 16:48 – Updated: 2024-08-03 17:30
VLAI?
Summary
The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is vulnerable to an authenticated arbitrary file read. An authenticated user with physical access to the device can read arbitrary files from the device by preparing and connecting a specially prepared USB drive to the device, and making a series of crafted requests to the device's web interface.
Severity ?
No CVSS data available.
CWE
  • Arbitrary file read
Assigner
References
Impacted products
Vendor Product Version
n/a Telus Wi-Fi Hub (PRV65B444A-S-TS) Affected: 3.00.20
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T17:30:07.637Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/research/tra-2021-41"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Telus Wi-Fi Hub (PRV65B444A-S-TS)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "3.00.20"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is vulnerable to an authenticated arbitrary file read. An authenticated user with physical access to the device can read arbitrary files from the device by preparing and connecting a specially prepared USB drive to the device, and making a series of crafted requests to the device\u0027s web interface."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Arbitrary file read",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-11T16:48:55.000Z",
        "orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
        "shortName": "tenable"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/security/research/tra-2021-41"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnreport@tenable.com",
          "ID": "CVE-2021-20121",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Telus Wi-Fi Hub (PRV65B444A-S-TS)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "3.00.20"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is vulnerable to an authenticated arbitrary file read. An authenticated user with physical access to the device can read arbitrary files from the device by preparing and connecting a specially prepared USB drive to the device, and making a series of crafted requests to the device\u0027s web interface."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Arbitrary file read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.tenable.com/security/research/tra-2021-41",
              "refsource": "MISC",
              "url": "https://www.tenable.com/security/research/tra-2021-41"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
    "assignerShortName": "tenable",
    "cveId": "CVE-2021-20121",
    "datePublished": "2021-10-11T16:48:55.000Z",
    "dateReserved": "2020-12-17T00:00:00.000Z",
    "dateUpdated": "2024-08-03T17:30:07.637Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-20121",
      "date": "2026-04-26",
      "epss": "0.00072",
      "percentile": "0.21769"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:telus:prv65b444a-s-ts_firmware:3.00.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80DB4F46-06BC-438F-A685-C4C1A2ACA69B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:telus:prv65b444a-s-ts:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0BE94241-E1DE-41E0-B9F3-E479A181A743\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is vulnerable to an authenticated arbitrary file read. An authenticated user with physical access to the device can read arbitrary files from the device by preparing and connecting a specially prepared USB drive to the device, and making a series of crafted requests to the device\u0027s web interface.\"}, {\"lang\": \"es\", \"value\": \"Telus Wi-Fi Hub (PRV65B444A-S-TS) con versi\\u00f3n de firmware 3.00.20, es vulnerable a una lectura de archivos arbitraria autenticada. Un usuario autenticado con acceso f\\u00edsico al dispositivo puede leer archivos arbitrarios desde el dispositivo preparando y conectando una unidad USB especialmente preparada al dispositivo, y realizando una serie de peticiones dise\\u00f1adas a la interfaz web del dispositivo\"}]",
      "id": "CVE-2021-20121",
      "lastModified": "2024-11-21T05:45:57.780",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 4.0, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"PHYSICAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 0.4, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:P/I:N/A:N\", \"baseScore\": 1.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.4, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-10-11T17:15:07.450",
      "references": "[{\"url\": \"https://www.tenable.com/security/research/tra-2021-41\", \"source\": \"vulnreport@tenable.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://www.tenable.com/security/research/tra-2021-41\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "vulnreport@tenable.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-20121\",\"sourceIdentifier\":\"vulnreport@tenable.com\",\"published\":\"2021-10-11T17:15:07.450\",\"lastModified\":\"2024-11-21T05:45:57.780\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is vulnerable to an authenticated arbitrary file read. An authenticated user with physical access to the device can read arbitrary files from the device by preparing and connecting a specially prepared USB drive to the device, and making a series of crafted requests to the device\u0027s web interface.\"},{\"lang\":\"es\",\"value\":\"Telus Wi-Fi Hub (PRV65B444A-S-TS) con versi\u00f3n de firmware 3.00.20, es vulnerable a una lectura de archivos arbitraria autenticada. Un usuario autenticado con acceso f\u00edsico al dispositivo puede leer archivos arbitrarios desde el dispositivo preparando y conectando una unidad USB especialmente preparada al dispositivo, y realizando una serie de peticiones dise\u00f1adas a la interfaz web del dispositivo\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":0.4,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":1.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.4,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:telus:prv65b444a-s-ts_firmware:3.00.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80DB4F46-06BC-438F-A685-C4C1A2ACA69B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:telus:prv65b444a-s-ts:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BE94241-E1DE-41E0-B9F3-E479A181A743\"}]}]}],\"references\":[{\"url\":\"https://www.tenable.com/security/research/tra-2021-41\",\"source\":\"vulnreport@tenable.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/research/tra-2021-41\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.