CVE Vulnerability

CVE-2021-41583

vpn-user-portal (aka eduVPN or Let's Connect!) before 2.3.14, as packaged for Debian 10, Debian 11, and Fedora, allows remote authenticated users to obtain OS filesystem access, because of the interaction of QR codes with an exec that uses the -r option. This can be leveraged to obtain additional VPN access.

9 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

8.8 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://list.surfnet.nl/pipermail/eduvpn-deploy/2021-September/000352.html Mailing List Third Party Advisory
https://github.com/eduvpn/vpn-user-portal/releases Release Notes Third Party Advisory
Configurations

Configuration 1
Information

Published : 2021-09-24 03:15

Updated : 2021-10-05 08:03

NVD link : CVE-2021-41583

Mitre link : CVE-2021-41583

Products Affected
No products.
CWE
CWE-20