CVE-2021-20072 – This vulnerability in Racom's MIDGE Firmware al... (How to Fix)

Q: What is the severity of CVE-2021-20072?

CVE-2021-20072 has a CVSS score of 7.2 (HIGH). This vulnerability in Racom's MIDGE Firmware allows authenticated attackers to perform directory traversal attacks, enabling arbitrary file access and deletion. It affects systems running the vulnerable firmware version. Attackers with valid credentials can exploit this to compromise system integrity.

📋 TL;DR

This vulnerability in Racom's MIDGE Firmware allows authenticated attackers to perform directory traversal attacks, enabling arbitrary file access and deletion. It affects systems running the vulnerable firmware version. Attackers with valid credentials can exploit this to compromise system integrity.

💻 Affected Systems

Products:

Racom MIDGE Firmware

Versions: 4.4.40.105

Operating Systems: Embedded firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Requires authenticated access to exploit. Affects specific firmware version of Racom MIDGE devices.

📦 What is this software?

M\!dge Firmware by Racom

View all CVEs affecting M\!dge Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise through deletion of critical system files or exfiltration of sensitive configuration data, potentially leading to device bricking or unauthorized access to network infrastructure.

🟠

Likely Case

Unauthorized access to sensitive files, configuration tampering, or deletion of operational files causing service disruption.

🟢

If Mitigated

Limited impact with proper access controls, network segmentation, and monitoring in place to detect traversal attempts.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires valid credentials but directory traversal techniques are well-documented and easy to implement.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Later than 4.4.40.105

Vendor Advisory: https://www.tenable.com/security/research/tra-2021-04

Restart Required: Yes

Instructions:

1. Check current firmware version. 2. Contact Racom for patched firmware. 3. Backup configuration. 4. Apply firmware update. 5. Verify update success. 6. Restart device.

🔧 Temporary Workarounds

Restrict Access Controls

all

Implement strict access controls and limit authenticated user privileges to minimize attack surface.

Network Segmentation

all

Isolate affected devices in separate network segments with strict firewall rules.

🧯 If You Can't Patch

Implement strict network access controls to limit device exposure
Enable detailed logging and monitoring for directory traversal attempts

🔍 How to Verify

Check if Vulnerable:

Check firmware version via device web interface or CLI. If version is 4.4.40.105, device is vulnerable.

Check Version:

Check via device web interface or manufacturer-specific CLI commands

Verify Fix Applied:

Verify firmware version is updated to a version later than 4.4.40.105 and test directory traversal attempts fail.

📡 Detection & Monitoring

Log Indicators:

Unusual file access patterns
Directory traversal strings in logs
Multiple failed access attempts

Network Indicators:

HTTP requests containing '../' patterns
Unusual file access to system directories

SIEM Query:

http.uri contains "../" AND device.vendor="Racom" AND device.model="MIDGE"

📊 Metadata

CVE ID: CVE-2021-20072

CVSS v3 Score: 7.2 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-22

Published: February 16, 2021

Last Updated: November 21, 2024

🔗 References

https://www.tenable.com/security/research/tra-2021-04 Third Party Advisory
https://www.tenable.com/security/research/tra-2021-04 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-20072, you might also want to check these: