CVE-2021-45878

9.1 CRITICAL

📋 TL;DR

Missing access control on the web management pages of GARO Wallbox GLB, GTB and GTC charging stations lets anyone who can reach the interface read sensitive information and change device configuration without authenticating. No credentials, session or special tooling are needed. Every deployment of an affected model whose web interface is reachable from an untrusted network is exposed.

💻 Affected Systems

Products:
  • GARO Wallbox GLB
  • GARO Wallbox GTB
  • GARO Wallbox GTC
Versions: Multiple firmware versions; the fixed version is not identified in the references available for this page
Operating Systems: Embedded firmware on the charging station
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations with the web interface enabled are vulnerable. Exploitation requires only network reachability to the device's web interface; no credentials are required.

📦 What is this software?

GARO Wallbox GLB, GTB and GTC are electric-vehicle charging stations. Each runs embedded firmware that exposes a web management interface over the network, which operators use to view status and change device configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the charging station's management functions: charging disabled, billing or access controls altered, or electrical settings changed to values that could cause physical damage, if the interface exposes such settings.

🟠 Likely Case

Unauthorized reading of user data, modification of charging schedules or pricing, or disruption of charging service.

🟢 If Mitigated

Limited impact when the web interface is reachable only from an isolated, properly segmented administrative network.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation needs nothing more than a web browser or any HTTP client that can reach the management interface; no credentials, session tokens or special tools are required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not provided in references

Restart Required: No

Instructions:

Contact GARO support for a firmware update for your model and check the manufacturer's website for a security advisory. After updating, confirm that every management page demands a login before treating the device as fixed.

🔧 Temporary Workarounds

Network Isolation (applies to all affected models)

Isolate charging station management interfaces from untrusted networks using VLANs or physical segmentation, so that only the administrative network can reach them.

Firewall Restrictions (applies to all affected models)

Restrict access to the management interface's IP addresses and ports (the web interface ports, typically 80, 443 or 8080) to authorized administrative networks only, with a default-deny rule for every other source.

🧯 If You Can't Patch

  • Segment charging station network from corporate/guest networks
  • Implement strict firewall rules allowing only necessary traffic to management interfaces

🔍 How to Verify

Check if Vulnerable:

From a host that holds no session with the device (fresh browser profile or a plain HTTP client), request the web management pages. If management content is served rather than a 401/403 response or a redirect to a login form, the device is vulnerable. On a test unit you can additionally confirm that a configuration change submitted without credentials is accepted; do not do this on a device in service.

Check Version:

Check device web interface or physical label for firmware version, then compare with vendor security advisories.

Verify Fix Applied:

After applying the vendor firmware or the workarounds, repeat the same unauthenticated request: every management page must now require a login, and configuration-changing requests without a valid session must be rejected.
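
The check described above can be scripted. The following is an added example and not GARO's code or a tool from the page's references: it fetches a list of paths with no cookies or credentials, refuses to follow redirects so that a 3xx is visible, and classifies each reply. The paths in DEFAULT_PATHS and the login-form markers are assumptions, not documented GARO endpoints; replace the paths with the management pages you see in a browser on your own device.

```python
import ssl
import sys
import urllib.error
import urllib.request

# Heuristic markers for a served login form; an assumption, not GARO-specific.
LOGIN_MARKERS = (b"login", b"password", b"sign in")

# Placeholder paths to probe. These are NOT documented GARO endpoints.
DEFAULT_PATHS = ("/", "/config", "/settings")


def classify_response(status, headers, body):
    """Classify the reply to an unauthenticated GET of a management page.

    Returns 'protected', 'vulnerable' or 'inconclusive'. A correctly protected
    page answers 401/403, redirects to a login form, or serves the login form
    itself; management content returned with no session is the missing access
    control described in CVE-2021-45878.
    """
    hdrs = {k.lower(): v for k, v in headers.items()}
    if status in (401, 403) or "www-authenticate" in hdrs:
        return "protected"
    if 300 <= status < 400:
        location = hdrs.get("location", "").lower()
        return "protected" if "login" in location else "inconclusive"
    if status == 200:
        if any(marker in body.lower() for marker in LOGIN_MARKERS):
            return "protected"
        return "vulnerable"
    return "inconclusive"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Surface 3xx replies as HTTPError instead of silently following them."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def _opener():
    # Chargers commonly present self-signed certificates; verification is
    # disabled for this lab check only. Do not reuse this opener elsewhere.
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return urllib.request.build_opener(
        _NoRedirect, urllib.request.HTTPSHandler(context=ctx))


def probe(base_url, paths=DEFAULT_PATHS, timeout=5.0):
    """GET each path with no cookies or credentials; return {path: verdict}."""
    opener = _opener()
    verdicts = {}
    for path in paths:
        req = urllib.request.Request(
            base_url.rstrip("/") + path,
            headers={"User-Agent": "cve-2021-45878-check"})
        try:
            with opener.open(req, timeout=timeout) as resp:
                verdicts[path] = classify_response(resp.status, resp.headers, resp.read())
        except urllib.error.HTTPError as err:
            # 3xx/4xx/5xx land here because redirects are not followed.
            verdicts[path] = classify_response(err.code, err.headers, err.read())
        except (urllib.error.URLError, OSError) as err:
            verdicts[path] = "inconclusive (%s)" % err
    return verdicts


if __name__ == "__main__":
    # TEST-NET placeholder address; pass the charger's real URL as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "http://192.0.2.10"
    results = probe(target)
    for path, verdict in results.items():
        print("%-12s %s" % (path, verdict))
    sys.exit(1 if "vulnerable" in results.values() else 0)
```

The login-form heuristic is deliberately conservative: a genuine settings page that happens to contain a password field will be reported as "protected", so a verdict of "protected" on a 200 reply still deserves a look at the body, while "vulnerable" means management content came back with no session at all.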

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to management pages
  • Configuration changes from unexpected IP addresses

Network Indicators:

  • HTTP requests to management interface from unauthorized subnets
  • Unusual traffic patterns to charging station management ports

SIEM Query:

source_ip NOT IN (authorized_admin_ips) AND dest_port IN (80,443,8080) AND dest_ip IN (charging_station_ips)
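
The query above expressed as runnable detection logic over firewall logs. This is an added example, not a GARO or SIEM artifact: the admin and charger subnets, the log line format and the sample lines are all constructed for the example and must be replaced with your own asset lists and log source. Denied connections are flagged as well as allowed ones, since an attempt from an unexpected source is itself an indicator.

```python
import ipaddress
import re

# Network boundaries; assumptions for this example, replace with your own.
ADMIN_NETS = [ipaddress.ip_network("10.10.5.0/24")]
CHARGER_NETS = [ipaddress.ip_network("10.20.0.0/24")]
MGMT_PORTS = {80, 443, 8080}  # the web interface ports named in the SIEM query

# Constructed generic firewall log format, not a real vendor format.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) action=(?P<action>\w+) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<dport>\d+) proto=(?P<proto>\w+)$"
)

# Constructed sample log: one admin session, a guest-network host hitting two
# management ports, unrelated DNS and outbound traffic, and a denied external hit.
SAMPLE_LOG = """\
2021-12-29T09:00:01Z action=allow src=10.10.5.20 dst=10.20.0.15 dport=443 proto=tcp
2021-12-29T09:00:05Z action=allow src=192.168.30.77 dst=10.20.0.15 dport=80 proto=tcp
2021-12-29T09:00:06Z action=allow src=192.168.30.77 dst=10.20.0.15 dport=8080 proto=tcp
2021-12-29T09:00:07Z action=allow src=192.168.30.77 dst=10.20.0.15 dport=53 proto=udp
2021-12-29T09:00:09Z action=allow src=10.10.5.20 dst=198.51.100.9 dport=443 proto=tcp
2021-12-29T09:00:10Z action=deny src=203.0.113.4 dst=10.20.0.15 dport=443 proto=tcp
garbage line that does not parse
"""


def _in_any(addr, nets):
    return any(addr in net for net in nets)


def parse_line(line):
    """Parse one log line into an event dict, or None if it is malformed."""
    match = LINE_RE.match(line.strip())
    if not match:
        return None
    try:
        return {
            "ts": match["ts"],
            "action": match["action"],
            "src": ipaddress.ip_address(match["src"]),
            "dst": ipaddress.ip_address(match["dst"]),
            "dport": int(match["dport"]),
            "proto": match["proto"],
        }
    except ValueError:  # unparseable address
        return None


def is_suspicious(event):
    """Mirror of the SIEM query: non-admin source -> charger -> management port."""
    return (
        event["proto"] == "tcp"
        and event["dport"] in MGMT_PORTS
        and _in_any(event["dst"], CHARGER_NETS)
        and not _in_any(event["src"], ADMIN_NETS)
    )


def scan(lines):
    """Return the suspicious events found in an iterable of log lines."""
    return [ev for ev in map(parse_line, lines) if ev is not None and is_suspicious(ev)]


def summarize(events):
    """Count flagged connections per source address for triage."""
    counts = {}
    for ev in events:
        src = str(ev["src"])
        counts[src] = counts.get(src, 0) + 1
    return counts


if __name__ == "__main__":
    flagged = scan(SAMPLE_LOG.splitlines())
    for ev in flagged:
        print("%s %-5s %s -> %s:%d" % (ev["ts"], ev["action"], ev["src"], ev["dst"], ev["dport"]))
    print("per-source:", summarize(flagged))
```

Allowed connections in the output are the ones to act on first: an "allow" from a non-admin source to a charger's web port means the network workaround is not in place for that path, and with this CVE the source already has full configuration access.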
