CVE-2021-21751

8.1 HIGH

📋 TL;DR

This vulnerability in ZTE BigVideo analysis product allows authenticated attackers with high privileges to tamper with URLs due to inconsistent front-end and back-end validation. This can cause service exceptions and potentially disrupt video analysis operations. Organizations using ZTE BigVideo analysis products are affected.

💻 Affected Systems

Products:
  • ZTE BigVideo analysis product
Versions: Specific versions not publicly detailed in available references
Operating Systems: Unknown - Likely proprietary or embedded OS
Default Config Vulnerable: ⚠️ Yes
Notes: Requires high-privilege access to exploit. Exact affected versions not specified in public advisories.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Service disruption leading to complete unavailability of video analysis capabilities, potentially affecting critical monitoring or surveillance operations.

🟠 Likely Case

Partial service degradation or temporary unavailability of specific video analysis functions.

🟢 If Mitigated

Minimal impact with proper access controls and monitoring in place to detect and respond to unauthorized configuration changes.

🌐 Internet-Facing: MEDIUM - While exploitation requires high privileges, internet-facing instances could be targeted by attackers who have compromised privileged accounts.
🏢 Internal Only: HIGH - Internal attackers with legitimate high privileges could exploit this to disrupt services, making it an insider threat concern.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW - Once an attacker has high privileges, exploitation appears straightforward based on the description.

Exploitation requires high-privilege access, making it more suitable for insider threats or attackers who have already compromised privileged accounts.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in available references

Vendor Advisory: https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1021884

Restart Required: Yes

Instructions:

1. Contact ZTE support for specific patch information.
2. Apply the security update provided by ZTE.
3. Restart the BigVideo analysis service.
4. Verify the fix by testing URL validation consistency.

🔧 Temporary Workarounds

Restrict Privileged Access (all)

Limit the number of users with high privileges to only those who absolutely need them for their job functions.

Implement Additional URL Validation (all)

Add server-side validation for all URL inputs to ensure consistency between front-end and back-end validation.
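The root cause described above is a back end that trusts URL checks the front end performed. The following is an added illustration, not ZTE code: the real BigVideo validation rules, endpoints and allowed hosts are not public, so the scheme/host/path allowlist, the port list and the handler name `apply_config_change` are assumptions. The point it shows is that the server re-validates every URL with the same rules the UI applies and audit-logs rejections, so a tampered request is both blocked and visible in the logs the Detection section looks for.

```python
"""Server-side URL validation that mirrors front-end rules (added example, not ZTE code)."""
from __future__ import annotations

from urllib.parse import urlsplit

# Assumed policy with placeholder values: only these schemes and hosts may be
# used for video source URLs, on these ports, under this path prefix.
ALLOWED_SCHEMES = {"https", "rtsp"}
ALLOWED_HOSTS = {"cam01.example.internal", "cam02.example.internal"}
ALLOWED_PORTS = {443, 554}
ALLOWED_PATH_PREFIX = "/streams/"
MAX_URL_LEN = 2048


def validate_url(url: str) -> tuple[bool, str]:
    """Return (ok, reason); reason is a short tag suitable for audit logging."""
    if not isinstance(url, str) or len(url) > MAX_URL_LEN:
        return False, "bad-type-or-length"
    # Control characters or surrounding whitespace never belong in a stored URL;
    # a client that performed its own validation would not have sent them.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in url) or url != url.strip():
        return False, "control-or-whitespace"
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return False, "scheme"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo"
    host = (parts.hostname or "").lower()
    if host not in ALLOWED_HOSTS:
        return False, "host"
    try:
        port = parts.port  # raises ValueError for a non-numeric port
    except ValueError:
        return False, "port"
    if port is not None and port not in ALLOWED_PORTS:
        return False, "port"
    # Keep the path under the allowed prefix and refuse traversal segments.
    if not parts.path.startswith(ALLOWED_PATH_PREFIX) or ".." in parts.path.split("/"):
        return False, "path"
    return True, "ok"


def apply_config_change(url: str, actor: str, audit: list[str]) -> bool:
    """Hypothetical back-end handler: re-checks the URL regardless of what the
    UI did and writes an audit line either way, so rejected tampering attempts
    show up as 'url_modification ... result=rejected' in the logs."""
    ok, reason = validate_url(url)
    outcome = "accepted" if ok else "rejected"
    audit.append(f"actor={actor} action=url_modification result={outcome} reason={reason}")
    return ok


if __name__ == "__main__":
    log: list[str] = []
    for candidate in (
        "https://cam01.example.internal/streams/1",          # constructed: valid
        "https://cam01.example.internal/streams/../admin",   # constructed: traversal
        "https://evil.example.com/streams/1",                # constructed: wrong host
    ):
        apply_config_change(candidate, actor="admin", audit=log)
    print("\n".join(log))
```

The front-end rules should be derived from the same allowlist constants (or a shared policy file) so the two layers cannot drift apart again; the audit line uses the `url_modification` tag so the SIEM query in the Detection section matches it.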

🧯 If You Can't Patch

  • Implement strict access controls to limit high-privilege accounts
  • Monitor configuration changes and URL manipulation attempts in logs

🔍 How to Verify

Check if Vulnerable:

Check if your ZTE BigVideo analysis product version matches affected versions by contacting ZTE support. Test URL validation consistency between front-end and back-end.

Check Version:

Check product version through ZTE BigVideo administration interface or contact ZTE support for version identification methods.

Verify Fix Applied:

After applying patches, test that URL tampering attempts are properly blocked by both front-end and back-end validation.

📡 Detection & Monitoring

Log Indicators:

  • Unusual configuration changes
  • Failed URL validation attempts
  • Privileged user activity outside normal patterns

Network Indicators:

  • Unexpected service restarts
  • Unusual traffic patterns to configuration endpoints

SIEM Query:

privileged_user AND (url_modification OR configuration_change) AND zte_bigvideo
