CVE-2021-47662
📋 TL;DR
This vulnerability allows unauthenticated remote attackers to trigger a shutdown button via HTTPS connections, causing denial of service. Any system running the affected software with HTTPS enabled is vulnerable to disruption.
💻 Affected Systems
- Specific product information not provided in CVE description
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete service outage for all affected systems, potentially disrupting critical operations until manual intervention restores service.
Likely Case
Intermittent service disruptions as attackers trigger shutdowns, requiring system reboots and causing availability issues.
If Mitigated
Limited impact with proper network segmentation and authentication controls preventing unauthorized access to the shutdown endpoint.
🎯 Exploit Status
Exploitation requires network access to the HTTPS service but no authentication credentials.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Not specified
Vendor Advisory: Not provided in CVE description
Restart Required: No
Instructions:
1. Check vendor advisory for specific patch details
2. Apply security updates when available
3. Verify HTTPS service functionality post-update
🔧 Temporary Workarounds
Network Access Control
linuxRestrict HTTPS access to trusted IP addresses only
iptables -A INPUT -p tcp --dport 443 -s trusted_ip -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j DROP
Authentication Enforcement
allImplement authentication for all HTTPS endpoints including shutdown functionality
🧯 If You Can't Patch
- Implement strict network segmentation to isolate affected systems from untrusted networks
- Deploy web application firewall rules to block requests to shutdown endpoints from unauthorized sources
🔍 How to Verify
Check if Vulnerable:
Test if unauthenticated HTTPS requests to the shutdown endpoint cause service disruptionCheck Version:
Check specific product documentation for version identification commandsVerify Fix Applied:
Verify that authentication is required for shutdown functionality and unauthorized requests are rejected📡 Detection & Monitoring
Log Indicators:
- Unauthenticated HTTPS requests to shutdown endpoints
- Unexpected service termination events
- Multiple connection attempts from single sources
Network Indicators:
- Spike in HTTPS traffic followed by service unavailability
- Requests to known shutdown URIs from unauthorized sources
SIEM Query:
source_port=443 AND (uri_contains="shutdown" OR uri_contains="terminate") AND auth_status="failed"