CRITICAL: CVE-2021-4473 (CVSS 9.8) — topsecgroup tianxin internet behavior management system
CVE: CVE-2021-4473
CVSS: 9.8 (3.1) — CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL
Status: Critical advisory
Affected
- topsecgroup tianxin internet behavior management system
Summary
Tianxin Internet Behavior Management System contains a command injection vulnerability in the Reporter component endpoint that allows unauthenticated attackers to execute arbitrary commands by supplying a crafted objClass parameter containing shell metacharacters and output redirection. Attackers can exploit this vulnerability to write malicious PHP files into the web root and achieve remote code execution with the privileges of the web server process. This vulnerability has been fixed in version NACFirmware_4.0.0.7_20210716.180815_topsec_0_basic.bin. Exploitation evidence was first observed by the Shadowserver Foundation on 2024-06-01 (UTC).
Verified Sources
References
- https://avd.aliyun.com/detail?id=AVD-2021-890232
- https://cn-sec.com/archives/4631959.html
- https://www.cnvd.org.cn/flaw/show/CNVD-2021-41972
- https://www.cnvd.org.cn/patchInfo/show/280166
- https://www.vulncheck.com/advisories/tianxin-internet-behavior-management-system-command-injection-via-toquery-php
_Validated by the Lyrie Threat Intelligence Pipeline — 3 independent sources confirmed before publication. No speculation._
Lyrie Verdict
A vulnerability of this severity is exactly what Lyrie's anti-rogue-AI defense is built for: continuous, autonomous monitoring that doesn't wait for human reaction time.
Validated sources
- [1]NVD
- [2]GitHub Advisory
- [3]MITRE