CVE-2021-27857

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker to download a configuration archive. The attacker needs to know or correctly guess the hostname of the target system since the hostname is used as part of the configuration archive file name. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this vulnerability is FPSA003.

CVSS v3 7.5 HIGH
CVSS v2.0 4.3 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://www.fatpipeinc.com/support/cve-list.php	Vendor Advisory
https://www.zeroscience.mk/codes/fatpipe_configdl.txt	Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php	Third Party Advisory
https://www.fatpipeinc.com/support/cve-list.php	Vendor Advisory
https://www.zeroscience.mk/codes/fatpipe_configdl.txt	Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:fatpipeinc:ipvpn_firmware:5.2.0:r34::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p26::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p45-m::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p75-m::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:7.1.2:r39::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r129::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r144::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r150::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r156::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p12::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p16::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p17::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p2::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p20::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p26::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p3::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164p4::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164p5::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r165::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r180p2::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r185::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p10::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p13::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p32::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p35::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p45::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p55::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p58::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p58s1::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p65::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p71::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p82::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r10::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r25::::::
	cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r38::::::

cpe:2.3:h:fatpipeinc:ipvpn:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

OR	cpe:2.3:o:fatpipeinc:mpvpn_firmware:5.2.0:r34::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p26::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p45-m::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p75-m::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:7.1.2:r39::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r129::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r144::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r150::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r156::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p12::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p16::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p17::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p2::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p20::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p26::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p3::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164p4::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164p5::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r165::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r180p2::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r185::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p10::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p13::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p32::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p35::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p45::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p55::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p58::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p58s1::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p65::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p71::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p82::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r10::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r25::::::
	cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r38::::::

cpe:2.3:h:fatpipeinc:mpvpn:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

OR	cpe:2.3:o:fatpipeinc:warp_firmware:5.2.0:r34::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p26::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p45-m::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p75-m::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:7.1.2:r39::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r129::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r144::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r150::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r156::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p12::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p16::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p17::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p2::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p20::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p26::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p3::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164p4::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164p5::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r165::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r180p2::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r185::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p10::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p13::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p32::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p35::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p45::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p55::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p58::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p58s1::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p65::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p71::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p82::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r10::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r25::::::
	cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r38::::::

cpe:2.3:h:fatpipeinc:warp:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:58

Type	Values Removed	Values Added
References	~~() https://www.fatpipeinc.com/support/cve-list.php - Vendor Advisory~~	() https://www.fatpipeinc.com/support/cve-list.php - Vendor Advisory
References	~~() https://www.zeroscience.mk/codes/fatpipe_configdl.txt - Third Party Advisory~~	() https://www.zeroscience.mk/codes/fatpipe_configdl.txt - Third Party Advisory
References	~~() https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php - Third Party Advisory~~	() https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php - Third Party Advisory

21 Dec 2021, 13:46

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 7.5
References	~~(CONFIRM) https://www.fatpipeinc.com/support/cve-list.php -~~	(CONFIRM) https://www.fatpipeinc.com/support/cve-list.php - Vendor Advisory
References	~~(MISC) https://www.zeroscience.mk/codes/fatpipe_configdl.txt -~~	(MISC) https://www.zeroscience.mk/codes/fatpipe_configdl.txt - Third Party Advisory
References	~~(MISC) https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php -~~	(MISC) https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php - Third Party Advisory
CPE		cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p45-m:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p26:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p2:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r144:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p12:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p58s1:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r144:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p55:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:7.1.2:r39:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p71:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p45:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r25:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p45-m:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p58:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r10:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r25:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p3:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p13:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p26:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p32:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r38:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p20:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p10:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p26:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r185:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p26:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p65:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r144:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r10:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p16:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p12:::::: cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p26:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r150:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p35:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p75-m:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p10:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r156:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r129:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p45:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p3:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r180p2:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p55:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p58s1:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p35:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p20:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p58s1:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r165:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p32:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p13:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164p5:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:7.1.2:r39:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r10:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r165:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p55:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p20:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p17:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p12:::::: cpe:2.3:h:fatpipeinc:warp:-:::::::* cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164p4:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r156:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p2:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r25:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164p5:::::: cpe:2.3:o:fatpipeinc:warp_firmware:5.2.0:r34:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p26:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164p5:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p2:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p17:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p65:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p13:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164p4:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r185:::::: cpe:2.3:h:fatpipeinc:ipvpn:-:::::::* cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r180p2:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p16:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p58:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p3:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r38:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r180p2:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r150:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r129:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p58:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p82:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p17:::::: cpe:2.3:h:fatpipeinc:mpvpn:-:::::::* cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p82:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p71:::::: cpe:2.3:o:fatpipeinc:warp_firmware:7.1.2:r39:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164p4:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p10:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r185:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p32:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p75-m:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p16:::::: cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p75-m:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r38:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p35:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r150:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p45:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:5.2.0:r34:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r129:::::: cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p45-m:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:5.2.0:r34:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r156:::::: cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p82:::::: cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p65:::::: cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p71:::::: cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r165::::::
CWE		CWE-862

15 Dec 2021, 20:18

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-12-15 20:15

Updated : 2024-11-21 05:58

NVD link : CVE-2021-27857

Mitre link : CVE-2021-27857

CVE.ORG link : CVE-2021-27857

JSON object : View

Products Affected

fatpipeinc

ipvpn_firmware
warp
mpvpn
mpvpn_firmware
warp_firmware
ipvpn

CWE

CWE-862

Missing Authorization

{"id": "CVE-2021-27857", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "cret@cert.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-12-15T20:15:08.057", "references": [{"url": "https://www.fatpipeinc.com/support/cve-list.php", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "https://www.zeroscience.mk/codes/fatpipe_configdl.txt", "tags": ["Third Party Advisory"], "source": "cret@cert.org"}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php", "tags": ["Third Party Advisory"], "source": "cret@cert.org"}, {"url": "https://www.fatpipeinc.com/support/cve-list.php", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.zeroscience.mk/codes/fatpipe_configdl.txt", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5683.php", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "cret@cert.org", "description": [{"lang": "en", "value": "CWE-862"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a remote, unauthenticated attacker to download a configuration archive. The attacker needs to know or correctly guess the hostname of the target system since the hostname is used as part of the configuration archive file name. Older versions of FatPipe software may also be vulnerable. The FatPipe advisory identifier for this vulnerability is FPSA003."}, {"lang": "es", "value": "Una vulnerabilidad de falta de autorizaci\u00f3n en la interfaz de administraci\u00f3n web del software FatPipe WARP, IPVPN y MPVPN versiones anteriores a 10.1.2r60p91 y 10.2.2r42, permite a un atacante remoto no autenticado descargar un archivo de configuraci\u00f3n. El atacante necesita conocer o adivinar correctamente el nombre de host del sistema de destino, ya que el nombre de host es usado como parte del nombre del archivo de configuraci\u00f3n. Las versiones m\u00e1s antiguas del software FatPipe tambi\u00e9n pueden ser vulnerables. El identificador de asesoramiento de FatPipe para esta vulnerabilidad es FPSA003"}], "lastModified": "2024-11-21T05:58:39.150", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:5.2.0:r34:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11DB09F-2C14-470E-88B9-19AA1CB9D13A"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p26:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B1511DD-B05D-4441-9FEE-4AE5B99AD765"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p45-m:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A544091F-16BB-4942-8C5D-78BAB27763D9"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p75-m:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF6314CA-0BC5-4EA8-8169-5A3AA83EDC2A"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:7.1.2:r39:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE36BBDB-5A65-4F61-8749-883E59300639"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r129:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A79A392B-0607-4C83-8D1F-45F99354CF93"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r144:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39FD234C-69BF-4A59-A5B6-BA962D4A86EE"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r150:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A2B1AB1-BF7C-4BD6-819A-A71340D00BD0"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r156:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C72012D-F06D-40BB-B361-44CE980C7B4D"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p12:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "961268B1-E804-4291-AA38-F2905B98285F"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p16:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87F0BAD3-7145-496C-823D-C035AB73D5CB"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p17:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86FA270B-1EEF-4506-B3F8-0019E1965E12"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6DAAB93-C2E9-4097-BB7E-A22C37860302"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD8347A2-BAF5-420D-A52A-2A7B1BFE5619"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p26:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF28B01F-9E9C-4703-9418-5CDA93305885"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA076D5B-9EDA-4DCB-BF15-5C361DE6F975"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63B936C2-F61D-4E75-B7F7-4DD4A9735FB2"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54ED4A12-F805-4A79-B083-0473BD5003EC"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFEE2206-4D60-4C9E-A874-A4F23FF59059"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r165:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77D045E8-12A8-4EDF-A423-F840CB2CF0AA"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r180p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A22D90B-E219-47A3-8396-820CD58A052A"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r185:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "682F18C0-D9CD-44BC-8C72-A50F4B4741CF"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22CA1387-CD4F-45AE-A9CC-68E5538CDA49"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E46BE6C-734A-4D81-9BFB-24160B9A2477"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p32:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC05A847-376E-48C1-B7BC-1095610FF846"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p35:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74A68C7C-DF85-4EB4-85EE-C98646D5C46F"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p45:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57876C43-071C-46FE-9A40-779F95DDCA93"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p55:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30503A37-B4CB-45FF-81E6-9967BEEB1A5D"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p58:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C44ABAF5-2B4C-4C44-8BF5-4F15E35BAD84"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p58s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDBC02C3-09AF-4AD7-B1D6-D4C82DFD7BAF"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p65:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A12609EA-15AD-4215-9662-A93906593DB1"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p71:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A34C4419-C0AB-4A10-A5A3-E9DCD1A69B6D"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p82:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "234EE25D-AEAF-4D3F-B1B8-BEDFBB93CA61"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D29250D9-4635-4BBB-9D1C-289C7ADFEAE5"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8BD7D98-B18F-4FB9-B63D-7298033D8F38"}, {"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r38:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BFBA83C-C03A-4C5E-ACBC-8BEC41B901F7"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fatpipeinc:ipvpn:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D0CAF1D0-9EC6-4959-973C-6C37E3B2E6E0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:5.2.0:r34:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CC854BA-4F7B-482F-B13F-B16E99C00ECD"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p26:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0F4857C-0262-4D50-A209-B731CE4DE4C6"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p45-m:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00BDFE07-2443-4B79-A9CB-F3F03A0AA313"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p75-m:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD497063-FA78-4AAC-807F-C03771781D15"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:7.1.2:r39:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D5E161C-B6B6-40E8-B0E8-AEB72998119E"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r129:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EA6CD57-2FC4-4D38-B3BC-2BE458672BC3"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r144:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D6D61B6-78CF-47A5-B18D-394803F768B7"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r150:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FAB00D7-319D-4628-819E-608A4392E901"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r156:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58B8C748-C873-4611-9D25-FF73439F6559"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p12:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FBE83D2-96E7-489E-A7A1-D02193D022A2"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p16:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "532021A2-9D2C-4365-AA76-8B9F1E3401D1"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p17:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "561F487C-3FCE-4F68-ADEF-61A807E18A2B"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44135F5A-96DC-471E-9A7C-48EA124E5DBB"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34A8EC2F-BB91-448E-B21C-2D7822CA04F2"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p26:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20810603-1A08-4AEE-A6C5-EFEDB3C923BC"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37C5C6DC-5FBA-4D8D-ADEF-F8DB232001C6"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12B67BB1-3943-4F30-8470-FF3E446F5E3F"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72F686C1-E970-41CF-A5F6-842E0B15D85E"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19E99ECD-6D6C-4290-9D41-47CFA9373B41"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r165:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9D58BE6-BE5C-48A2-AE61-FFC0612AEFB0"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r180p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "072EF984-3F4F-44ED-BFE4-78E063B474BB"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r185:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAD39775-38AC-439A-96F4-7DAD9A2E1537"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC62B752-36D4-4F2F-ACA0-4D693FC6315C"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "239431AD-427E-40C9-9DEA-F4B2B8734529"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p32:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40E8F365-0C9D-473F-A5F6-E05872B3A925"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p35:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "597A3F8A-1538-4B71-8D4D-2966F49E023B"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p45:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2991483-7274-4FA9-AA96-7BD0C2715FCC"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p55:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23CA58A4-64A3-47B7-A4A0-8A6D9513A16C"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p58:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22A27D18-8022-4B5C-9314-A087674C14A6"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p58s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C11B36AB-043E-4DE8-AFCC-92E3092C0E26"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p65:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39FEF22E-F568-40E6-8BBF-D52600DE082D"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p71:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D9DF278-ECE1-4530-BCE4-95266340BE47"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p82:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11649A08-A14B-46C8-97DB-9EB5FB7BF25B"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D23782A1-EA7E-4B22-8943-F69510673CBA"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7B5F773-EC27-475A-ADE3-E4A33D1DFA64"}, {"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r38:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60D7B24F-0075-4362-9F07-A0C55F07FA9F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fatpipeinc:mpvpn:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "11AA0180-8172-4021-AADF-7BAB1CA1BA96"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:5.2.0:r34:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2779B6CB-CF0B-444A-A658-CB8D550FD147"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p26:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8D0375A-3A01-445E-A95C-7E476CD4047E"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p45-m:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9B63E36-32CA-4818-8BAC-5862188DFE6F"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p75-m:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8495282B-C4C3-44FE-8D6F-00AD59662A24"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:7.1.2:r39:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A2CBBCD-5D2E-4349-889A-F3F20ABDC1A0"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r129:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18525C9D-D44D-4E0C-98A1-2389C257FFC2"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r144:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4E22F42-D478-4E30-AD9C-50A4E799940B"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r150:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD864580-CF91-412C-A62E-3E7252DF91FD"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r156:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A14E5ABD-D2D4-4758-B18B-3CA0323D9518"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p12:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8EB1872-FE49-48EE-AF78-9373780F7D93"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p16:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B11060EA-6755-4FC3-A305-E944861EDDB4"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p17:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A20EF491-1355-4489-A839-69B46C70CC7B"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4C0EABF-3D71-4EC9-B400-A4F043745B3C"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D99D631C-1596-4A7F-BF10-E69A1EB35C55"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p26:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7ECBD142-1C63-4FA1-BF2F-7DEE7730FC15"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "645624F5-234D-4950-9385-7151C47C8621"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C387783D-8402-46F2-AF87-73E8CD5BE097"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "040AF513-BC93-4B5F-A10A-915E4A711C1B"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7688DC18-49BE-4F9C-A8B9-A5F84C093D17"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r165:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF508B6C-23B7-444E-A9F4-400CA4D85431"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r180p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E80C09C-42A5-4AD2-9DEA-EB64AED72246"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r185:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05E59433-8420-451C-AA76-78AF013F7AFA"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A480CA1-79C6-43C3-B142-BD30FE00EA95"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36582BDF-9829-495C-A027-9F0F1DE78093"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p32:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66D454E0-7E23-494C-BBCB-D56FF3FAD754"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p35:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B577293-9B56-44A5-A91C-8B2D885B0B7D"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p45:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76EC4FBC-48B9-46A7-93D6-F6812A25CC1F"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p55:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "143AAD4E-163B-4D30-9A5B-2ED6A48681C1"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p58:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1820F183-B5D5-4828-93D7-CEC6B7FE0176"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p58s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8D59DA4-8DF8-46D2-A77C-7785BD253168"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p65:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D7E2B2B-798F-4A39-BA9E-FAD53AC561D9"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p71:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B418905D-675D-4E3D-840F-45F2C3FF1855"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p82:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB2984C2-9C12-4926-BF31-AE064AAE9F45"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F614A03-CAF0-43EB-BAF4-E0A9EA1CF522"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8068BA02-8996-436D-B9DF-373AECF61A45"}, {"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r38:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C56FE165-AFA7-4E47-9BB3-3326086D5C45"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:fatpipeinc:warp:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F56A62D9-6FE7-4062-9D83-75BFE14A0E83"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cret@cert.org"}

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2021-27857

7.5^/10

4.3^/10

Attach tags to `CVE-2021-27857`