Thursday, June 30, 2022

Vulnerability Spotlight: Command injection vulnerabilities in Robustel cellular router

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. 

Cisco Talos recently discovered four vulnerabilities in the Robustel R1510 industrial cellular router. 

The R1510 is a portable router that shares 2G, 3G and 4G wireless internet access. It comes with several advanced software features for users like the ability to connect to a VPN, cloud data management and smart reboot.

There are three command injection vulnerabilities that exist in this device, as well as a data removal vulnerability that could allow an attacker to arbitrarily remove files from the device.

An attacker could trigger the command injection issues — TALOS-2022-1570 (CVE-2022-32585), TALOS-2022-1572 (CVE-2022-33312 - CVE-2022-33314) and TALOS-2022-1573 (CVE-2022-33325 - CVE-2022-33329) by sending a specific series of requests to the targeted device. If successful, the attacker could gain the ability to execute remote code. 

A similar series of requests could also give an attacker the ability to manipulate a specific function to delete arbitrary files, as outlined in TALOS-2022-1571 (CVE-2022-28127).

Cisco Talos worked with Robustel to ensure that these issues are resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy

Users are encouraged to update these affected products as soon as possible: Robustel R1510, version 3.3.0. Talos tested and confirmed this version of the router could be exploited by these vulnerabilities. 

The following Snort rules will detect exploitation attempts against this vulnerability: 60007 - 60034. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org. 

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.