Sign-up

ID

VAR-202002-1366


CVE

CVE-2020-8858


TITLE

Moxa MGate 5105-MB-EIP operating system command injection vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-53805 // CNNVD: CNNVD-202002-451

DESCRIPTION

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MGate 5105-MB-EIP firmware version 4.1. Authentication is required to exploit this vulnerability. The specific flaw exists within the DestIP parameter within MainPing.asp. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9552. Moxa MGate 5105-MB-EIP For firmware, OS A command injection vulnerability exists. Zero Day Initiative To this vulnerability ZDI-CAN-9552 Was numbered.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. MGate 5105-MB-EIP is an industrial Ethernet gateway that supports MQTT or third-party cloud services (such as Azure and Alibaba Cloud). It can construct Modbus RTU/ASCII/TCP and EtherNet/IP network communications for IIoT applications

Trust: 2.79

sources: NVD: CVE-2020-8858 // JVNDB: JVNDB-2020-002055 // ZDI: ZDI-20-214 // CNVD: CNVD-2020-53805

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-53805

AFFECTED PRODUCTS

vendor:moxamodel:mgate 5105-mb-eipscope:eqversion:4.1

Trust: 1.4

vendor:moxamodel:mgate 5105-mb-eipscope:eqversion: -

Trust: 1.2

vendor:moxamodel:mgate 5105-mb-eip-tscope:lteversion:4.1

Trust: 1.0

vendor:moxamodel:mgate 5105-mb-eipscope:lteversion:4.1

Trust: 1.0

vendor:moxamodel:mgate 5105-mb-eip-tscope:eqversion:4.1

Trust: 0.8

vendor:moxamodel:mgate 5105-mb-eipscope: - version: -

Trust: 0.7

vendor:moxamodel:mgate 5105-mb-eipscope:ltversion:4.1

Trust: 0.6

vendor:moxamodel:mgate 5105-mb-eip-tscope:eqversion: -

Trust: 0.6

sources: ZDI: ZDI-20-214 // CNVD: CNVD-2020-53805 // JVNDB: JVNDB-2020-002055 // CNNVD: CNNVD-202002-451 // NVD: CVE-2020-8858

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-8858
value: HIGH

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2020-8858
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-002055
value: HIGH

Trust: 0.8

ZDI: CVE-2020-8858
value: HIGH

Trust: 0.7

CNVD: CNVD-2020-53805
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202002-451
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-8858
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-002055
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-53805
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-8858
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

zdi-disclosures@trendmicro.com: CVE-2020-8858
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 1.0

NVD: JVNDB-2020-002055
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2020-8858
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-214 // CNVD: CNVD-2020-53805 // JVNDB: JVNDB-2020-002055 // CNNVD: CNNVD-202002-451 // NVD: CVE-2020-8858 // NVD: CVE-2020-8858

PROBLEMTYPE DATA

problemtype:CWE-78

Trust: 1.8

sources: JVNDB: JVNDB-2020-002055 // NVD: CVE-2020-8858

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202002-451

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202002-451

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-002055

PATCH
title:MGate 5105-MB-EIP Series Protocol Gateways Vulnerabilityurl:https://www.moxa.com/en/support/support/security-advisory/mgate-5105-mb-eip-series-protocol-gateways-vulnerability
Trust: 1.5
title:Patch for Moxa MGate 5105-MB-EIP operating system command injection vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/235519
Trust: 0.6
title:Moxa MGate 5105-MB-EIP Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110093
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-214 // 
            
            
            
            CNVD: CNVD-2020-53805 // 
            
            
            
            JVNDB: JVNDB-2020-002055 // 
            
            
            
            CNNVD: CNNVD-202002-451

EXTERNAL IDS
db:NVDid:CVE-2020-8858
Trust: 3.7
db:ZDIid:ZDI-20-214
Trust: 2.3
db:JVNDBid:JVNDB-2020-002055
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-9552
Trust: 0.7
db:CNVDid:CNVD-2020-53805
Trust: 0.6
db:CNNVDid:CNNVD-202002-451
Trust: 0.6
sources:
            
            
            ZDI: ZDI-20-214 // 
            
            
            
            CNVD: CNVD-2020-53805 // 
            
            
            
            JVNDB: JVNDB-2020-002055 // 
            
            
            
            CNNVD: CNNVD-202002-451 // 
            
            
            
            NVD: CVE-2020-8858

REFERENCES
url:https://www.moxa.com/en/support/support/security-advisory/mgate-5105-mb-eip-series-protocol-gateways-vulnerability
Trust: 2.9
url:https://www.zerodayinitiative.com/advisories/zdi-20-214/
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8858
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2020-8858
Trust: 0.8
sources:
            
            
            ZDI: ZDI-20-214 // 
            
            
            
            CNVD: CNVD-2020-53805 // 
            
            
            
            JVNDB: JVNDB-2020-002055 // 
            
            
            
            CNNVD: CNNVD-202002-451 // 
            
            
            
            NVD: CVE-2020-8858

CREDITS
Dove Chiu, Philippe Lin, Charles Perine, Marco Balduzzi, Ryan Flores, Rainer Vosseler
Trust: 0.7
sources:
            
            
            ZDI: ZDI-20-214

SOURCES
db:ZDIid:ZDI-20-214
db:CNVDid:CNVD-2020-53805
db:JVNDBid:JVNDB-2020-002055
db:CNNVDid:CNNVD-202002-451
db:NVDid:CVE-2020-8858

LAST UPDATE DATE
2024-11-23T23:01:31.339000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-20-214date:2020-04-01T00:00:00
db:CNVDid:CNVD-2020-53805date:2020-09-24T00:00:00
db:JVNDBid:JVNDB-2020-002055date:2020-03-03T00:00:00
db:CNNVDid:CNNVD-202002-451date:2020-03-02T00:00:00
db:NVDid:CVE-2020-8858date:2024-11-21T05:39:34.993

SOURCES RELEASE DATE
db:ZDIid:ZDI-20-214date:2020-02-11T00:00:00
db:CNVDid:CNVD-2020-53805date:2020-09-24T00:00:00
db:JVNDBid:JVNDB-2020-002055date:2020-03-03T00:00:00
db:CNNVDid:CNNVD-202002-451date:2020-02-11T00:00:00
db:NVDid:CVE-2020-8858date:2020-02-14T18:15:11.433