FatPipe WARP/IPVPN/MPVPN - Backdoor Account

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 contain an account named "cmuser" with administrative privileges and no password, letting attackers gain unauthorized admin access, exploit requires no authentication. id: CVE-2021-27856 info: name: FatPipe...

FatPipe WARP/IPVPN/MPVPN - Authorization Bypass

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 contain a missing authorization caused by lack of access control in the web management interface, letting remote attackers access sensitive URLs, exploit requires no authentication. id: CVE-2021-27858 info: name:...

EUVD-2021-14597

Malware in sbrugna...

EUVD-2021-14593

Malware in sbrugna...

EUVD-2021-14596

Malware in sbrugna...

EUVD-2021-14594

Malware in sbrugna...

VulnCheck KEV: CVE-2021-27855

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, authenticated attacker with read-only privileges to grant themselves administrative privileges. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this...

FatPipe MPVPN < 10.1.2r60p92 / 10.2.2 < 10.2.2r44p1 Configuration File Upload (CVE-2021-27860)

According to its self-reported version, the instance of FatPipe MPVPN running on the remote web server is 10.1.2r60p92 or 10.2.2 10.2.2r44p1. It is, therefore, affected by a configuration file upload vulnerability that could allow a remote attacker to upload a file to any location on the filesyst...

FatPipe MPVPN Web Detection

Binary data fatpipempvpnwebdetect.nbin...

FatPipe MPVPN < 10.1.2r60p91 / 10.2.2 < 10.2.2r42 Multiple Vulnerabilities

According to its self-reported version, the instance of FatPipe MPVPN running on the remote web server is 10.1.2r60p91 or 10.2.2 10.2.2r42. It is, therefore, affected by multiple vulnerabilities, including: - FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42...

VulnCheck KEV: CVE-2021-27856

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an account named "cmuser" that has administrative privileges and no password. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this vulnerability is FPSA002...

The vulnerability in the web interface for managing FatPipe’s software allows a hacker to execute arbitrary code.

The vulnerability of the FatPipe software management web interface is related to the unlimited download of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created malware file...

FatPipe Multiple Products Unrestricted File Upload (CVE-2021-27860)

An unrestricted file upload vulnerability exists in FatPipe Multiple Products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit

A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem...

VulnCheck KEV: CVE-2021-27860

A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem...

The vulnerability in the FatPipe software’s web interface, related to the unlimited download of malicious files, allows a hacker to download a malicious file onto a vulnerable device and execute it.

The vulnerability of the FatPipe software management web interface is related to the unlimited download of malicious files. Exploiting this vulnerability allows a malicious actor to download a malicious file onto a vulnerable device and execute it...

FatPipe WARP, IPVPN and MPVPN have unspecified vulnerabilities

FatPipe is a WAN redundancy technology from FatPipe USA that provides companies with automated and dynamic failover due to the failure of a WAN component or service resulting in the loss of data line connectivity.A security vulnerability exists in FatPipe WARP, IPVPN and MPVPN, which stems from t...

FatPipe WARP, IPVPN, and MPVPN Authorization Vulnerability (CNVD-2021-101933)

FatPipe is a WAN redundancy technology from FatPipe USA that provides companies with automated and dynamic failover due to a WAN component or service failure that results in a data line connection outage.A security vulnerability exists in FatPipe WARP, IPVPN and MPVPN that stems from a lack of...

FatPipe WARP, IPVPN, and MPVPN Authorization Vulnerability (CNVD-2021-101934)

FatPipe is a WAN redundancy technology from FatPipe USA that provides companies with automated and dynamic failover as a result of a WAN component or service failure resulting in a data line connection outage.A security vulnerability exists in FatPipe WARP, IPVPN and MPVPN, which stems from a lac...

FatPipe WARP, IPVPN and MPVPN authorization vulnerabilities

FatPipe is a WAN redundancy technology from FatPipe USA that provides companies with automated and dynamic failover due to a WAN component or service failure that results in a data line connection outage.A security vulnerability exists in FatPipe WARP, IPVPN and MPVPN that stems from a lack of...