Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.FATPIPE_MPVPN_10_2_2R42.NASL
HistoryMay 25, 2023 - 12:00 a.m.

FatPipe MPVPN < 10.1.2r60p91 / 10.2.2 < 10.2.2r42 Multiple Vulnerabilities

2023-05-2500:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
15
fatpipe mpvpn
remote web server
vulnerabilities
administrative privileges
missing authorization
nessus scanner
self-reported version
remote attacker.

0.004 Low

EPSS

Percentile

74.4%

JSON

According to its self-reported version, the instance of FatPipe MPVPN running on the remote web server is < 10.1.2r60p91 or 10.2.2 < 10.2.2r42. It is, therefore, affected by multiple vulnerabilities, including:

- FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an account named       'cmuser' that has administrative privileges and no password. (CVE-2021-27856)

- FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote,       authenticated attacker with read-only privileges to grant themselves administrative privileges. (CVE-2021-27855)

- A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software       prior to versions 10.1.2r60p91 and 10.2.2r42 allows an authenticated, remote attacker with read-only privileges to       create an account with administrative privileges. (CVE-2021-27859)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(176378);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/05/29");

  script_cve_id(
    "CVE-2021-27855",
    "CVE-2021-27856",
    "CVE-2021-27857",
    "CVE-2021-27858",
    "CVE-2021-27859"
  );

  script_name(english:"FatPipe MPVPN < 10.1.2r60p91 / 10.2.2 < 10.2.2r42 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"A web application running on the remote server is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version, the instance of FatPipe MPVPN running on the remote web server is <
10.1.2r60p91 or 10.2.2 < 10.2.2r42. It is, therefore, affected by multiple vulnerabilities, including:

    - FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an account named
      'cmuser' that has administrative privileges and no password. (CVE-2021-27856)

    - FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote,
      authenticated attacker with read-only privileges to grant themselves administrative privileges. (CVE-2021-27855)

    - A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software
      prior to versions 10.1.2r60p91 and 10.2.2r42 allows an authenticated, remote attacker with read-only privileges to
      create an account with administrative privileges. (CVE-2021-27859)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.fatpipeinc.com/fpsa/fpsa001.php");
  script_set_attribute(attribute:"see_also", value:"https://www.fatpipeinc.com/fpsa/fpsa002.php");
  script_set_attribute(attribute:"see_also", value:"https://www.fatpipeinc.com/fpsa/fpsa003.php");
  script_set_attribute(attribute:"see_also", value:"https://www.fatpipeinc.com/fpsa/fpsa004.php");
  script_set_attribute(attribute:"see_also", value:"https://www.fatpipeinc.com/fpsa/fpsa005.php");
  script_set_attribute(attribute:"solution", value:
"Upgrade to FatPipe MPVPN 10.1.2r60p91 or 10.2.2r42 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-27856");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/12/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/12/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/05/25");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fatpipeinc:mpvpn_firmware");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("fatpipe_mpvpn_web_detect.nbin");
  script_require_keys("installed_sw/FatPipe MPVPN");
  script_require_ports("Services/www", 443);

  exit(0);
}

include('vcf.inc');
include('http.inc');

var port = get_http_port(default:443);

var app_info = vcf::get_app_info(app:'FatPipe MPVPN', port:port, webapp:TRUE);

var constraints = [
  {'fixed_version':'10.1.2.60.91', 'fixed_display':'10.1.2r60p91'},
  {'min_version':'10.2.2', 'fixed_version':'10.2.2.42', 'fixed_display':'10.2.2r42'},
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
VendorProductVersionCPE
fatpipeincmpvpn_firmwarecpe:/o:fatpipeinc:mpvpn_firmware

Related

cve 5
nvd 5
prion 5
cvelist 5
cnvd 5
zeroscience 1
cve
cve
CVE-2021-27856
2021-12-15 20:15:08
CVE-2021-27858
2021-12-15 20:15:08
CVE-2021-27855
2021-12-15 20:15:07
nvd
nvd
CVE-2021-27859
2021-12-15 20:15:08
CVE-2021-27858
2021-12-15 20:15:08
CVE-2021-27856
2021-12-15 20:15:08
prion
prion
Authorization
2021-12-15 20:15:00
Design/Logic Flaw
2021-12-15 20:15:00
Authorization
2021-12-15 20:15:00
cvelist
cvelist
CVE-2021-27857 FatPipe software allows unauthenticated configuration download
2021-09-27 00:00:00
CVE-2021-27859 Missing authorization vulnerability in FatPipe software
2021-09-27 00:00:00
CVE-2021-27856 FatPipe software administrative account with no password
2021-09-27 00:00:00
cnvd
cnvd
FatPipe WARP, IPVPN and MPVPN have unspecified vulnerabilities
2021-12-17 00:00:00
FatPipe WARP, IPVPN, and MPVPN Authorization Vulnerability (CNVD-2021-101933)
2021-12-17 00:00:00
FatPipe WARP, IPVPN and MPVPN have unspecified vulnerabilities (CNVD-2021-101931)
2021-12-17 00:00:00
zeroscience
zeroscience
FatPipe Networks WARP/IPVPN/MPVPN 10.2.2 Remote Privilege Escalation
2021-09-27 00:00:00

0.004 Low

EPSS

Percentile

74.4%

JSON
Related for FATPIPE_MPVPN_10_2_2R42.NASL
cve5nvd5prion5cvelist5cnvd5zeroscience1