CVE-2021-28918 - OpenCVE

Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs and reach critical VPN or LAN hosts.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Netmask Project	Netmask

Configuration 1 [-]

cpe:2.3:a:netmask_project:netmask:*:*:*:*:*:node.js:*:*

References

Link	Resource
https://github.com/advisories/GHSA-pch5-whg9-qr2r	Third Party Advisory
https://github.com/rs/node-netmask	Third Party Advisory
https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-011.md	Exploit Third Party Advisory
https://rootdaemon.com/2021/03/29/vulnerability-in-netmask-npm-package-affects-280000-projects/	Third Party Advisory
https://security.netapp.com/advisory/ntap-20210528-0010/	Third Party Advisory
https://www.bleepingcomputer.com/news/security/critical-netmask-networking-bug-impacts-thousands-of-applications/	Exploit Press/Media Coverage Third Party Advisory
https://www.npmjs.com/package/netmask	Product Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-04-01T12:33:50

Updated: 2021-12-30T15:18:56

Reserved: 2021-03-19T00:00:00

Link: CVE-2021-28918

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-04-01T13:15:14.460

Modified: 2023-08-08T14:22:24.967

Link: CVE-2021-28918

JSON object: View

Redhat Information

No data.

CWE

CWE-704

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs and reach critical VPN or LAN hosts."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-12-30T15:18:56", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.npmjs.com/package/netmask"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/rs/node-netmask"}, {"tags": ["x_refsource_MISC"], "url": "https://www.bleepingcomputer.com/news/security/critical-netmask-networking-bug-impacts-thousands-of-applications/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/advisories/GHSA-pch5-whg9-qr2r"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-011.md"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20210528-0010/"}, {"tags": ["x_refsource_MISC"], "url": "https://rootdaemon.com/2021/03/29/vulnerability-in-netmask-npm-package-affects-280000-projects/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-28918", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs and reach critical VPN or LAN hosts."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.npmjs.com/package/netmask", "refsource": "MISC", "url": "https://www.npmjs.com/package/netmask"}, {"name": "https://github.com/rs/node-netmask", "refsource": "MISC", "url": "https://github.com/rs/node-netmask"}, {"name": "https://www.bleepingcomputer.com/news/security/critical-netmask-networking-bug-impacts-thousands-of-applications/", "refsource": "MISC", "url": "https://www.bleepingcomputer.com/news/security/critical-netmask-networking-bug-impacts-thousands-of-applications/"}, {"name": "https://github.com/advisories/GHSA-pch5-whg9-qr2r", "refsource": "MISC", "url": "https://github.com/advisories/GHSA-pch5-whg9-qr2r"}, {"name": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-011.md", "refsource": "MISC", "url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-011.md"}, {"name": "https://security.netapp.com/advisory/ntap-20210528-0010/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20210528-0010/"}, {"name": "https://rootdaemon.com/2021/03/29/vulnerability-in-netmask-npm-package-affects-280000-projects/", "refsource": "MISC", "url": "https://rootdaemon.com/2021/03/29/vulnerability-in-netmask-npm-package-affects-280000-projects/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-28918", "datePublished": "2021-04-01T12:33:50", "dateReserved": "2021-03-19T00:00:00", "dateUpdated": "2021-12-30T15:18:56", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netmask_project:netmask:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "1EDCEBC9-A043-4B75-BF02-1CA22DFA4E10", "versionEndIncluding": "1.0.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs and reach critical VPN or LAN hosts."}, {"lang": "es", "value": "Una comprobaci\u00f3n inapropiada de entrada de cadenas octales en el paquete netmask npm versiones v1.0.6 y anteriores, permite a atacantes remotos no autenticados llevar a cabo ataques de tipo SSRF, RFI y LFI indeterminados en muchos de los paquetes dependientes. Un atacante remoto no autenticado puede omitir unos paquetes que dependen de la m\u00e1scara de red para filtrar las direcciones IP y llegar a hosts cr\u00edticos de VPN o LAN."}], "id": "CVE-2021-28918", "lastModified": "2023-08-08T14:22:24.967", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-04-01T13:15:14.460", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/advisories/GHSA-pch5-whg9-qr2r"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/rs/node-netmask"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-011.md"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://rootdaemon.com/2021/03/29/vulnerability-in-netmask-npm-package-affects-280000-projects/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20210528-0010/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Press/Media Coverage", "Third Party Advisory"], "url": "https://www.bleepingcomputer.com/news/security/critical-netmask-networking-bug-impacts-thousands-of-applications/"}, {"source": "cve@mitre.org", "tags": ["Product", "Third Party Advisory"], "url": "https://www.npmjs.com/package/netmask"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-704"}], "source": "nvd@nist.gov", "type": "Primary"}]}