Published: 03/05/2022 Updated: 11/05/2022

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

MitraStar GPT-2541GNAC-N1 (HGU) 100VNZ0b33 devices allow remote authenticated users to obtain root access by executing command "deviceinfo show file &&/bin/bash" because of incorrect sanitization of parameter "path".

Vulnerable Product	Search on Vulmon	Subscribe to Product
mitrastar gpt-2541gnac-n1_firmware br_g3.5_100vnz0b33

Privilege escalation vulnerability on MitraStar routers

Privilege-escalation-MitraStar-Router-GPT-2541GNAC-N1 CVE-2021-42165 Privilege escalation vulnerability on MitraStar routers Device: Mitrastar GPT-2541GNAC-N1 Firmware: BR_g35_100VNZ0b33 (not tested in other version) Exploit: Mitrastar GPT-2541GNAC-N1 devices are provided with access through ssh into a restricted default shell: The restricted shell has CLI Version “Redu

CWE-78 https://www.exploit-db.com/exploits/50351 https://packetstormsecurity.com/files/164333/Mitrastar-GPT-2541GNAC-N1-Privilege-Escalation.html https://github.com/leoservalli/Privilege-escalation-MitraStar/blob/main/README.md https://nvd.nist.gov https://github.com/leoservalli/Privilege-escalation-MitraStar

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-42165

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect