CVE-2021-40378 : Security Advisory and Response

Discover the impact of CVE-2021-40378, a vulnerability in Compro IP70, IP570, IP60, and TN540 devices, allowing attackers to delete all device data. Learn mitigation steps.

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices. /cgi-bin/support/killps.cgi deletes all data from the device.

Understanding CVE-2021-40378

This CVE involves multiple vulnerable devices from Compro Technology that are affected by a data deletion issue.

What is CVE-2021-40378?

CVE-2021-40378 flags a vulnerability in Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices where executing /cgi-bin/support/killps.cgi causes complete data deletion on the affected device.

The Impact of CVE-2021-40378

The deletion of all data from the device can lead to severe data loss, compromising critical information stored on the device.

Technical Details of CVE-2021-40378

This section dives into the specifics of the vulnerability.

Vulnerability Description

The vulnerability lies in the /cgi-bin/support/killps.cgi script, allowing an attacker to delete all data on the targeted Compro devices.

Affected Systems and Versions

        Affected Products: n/a
        Affected Versions: n/a

Exploitation Mechanism

An attacker can exploit this vulnerability by sending a crafted request to /cgi-bin/support/killps.cgi, triggering the deletion of all data on the device.

Mitigation and Prevention

Protecting systems from this vulnerability requires immediate actions and long-term security practices.

Immediate Steps to Take

        Disable access to /cgi-bin/support/killps.cgi if possible.
        Monitor network traffic for any suspicious activity on the affected devices.

Long-Term Security Practices

        Regularly update device firmware to patch known vulnerabilities.
        Implement network segmentation to isolate critical devices.

Patching and Updates

Apply patches provided by Compro Technology to address the vulnerability and prevent unauthorized data deletion.
