CVE-2021-47743
📋 TL;DR
COMMAX Biometric Access Control System 1.0.0 contains an unauthenticated reflected cross-site scripting vulnerability in cookie parameters. Attackers can inject malicious scripts that execute in victims' browsers when they visit the system. This affects all users of the vulnerable version who access the system via web interface.
💻 Affected Systems
- COMMAX Biometric Access Control System
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal administrator credentials, hijack sessions, redirect users to malicious sites, or perform actions on behalf of authenticated users.
Likely Case
Session hijacking, credential theft, or defacement of the access control interface.
If Mitigated
Limited impact with proper input validation and output encoding in place.
🎯 Exploit Status
Exploitation requires tricking users into clicking malicious links but doesn't require authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: https://www.commax.com/
Restart Required: No
Instructions:
1. Check vendor website for security updates
2. Apply any available patches
3. Verify fix by testing cookie parameter sanitization
🔧 Temporary Workarounds
Web Application Firewall (WAF)
allDeploy WAF with XSS protection rules to block malicious cookie values
Input Validation Filter
allImplement server-side validation to sanitize CMX_ADMIN_NM and CMX_COMPLEX_NM cookie values
🧯 If You Can't Patch
- Isolate the system from internet access and restrict to internal network only
- Implement strict access controls and monitor for suspicious cookie values in logs
🔍 How to Verify
Check if Vulnerable:
Test by injecting script payloads into CMX_ADMIN_NM and CMX_COMPLEX_NM cookie parameters and checking if they execute in browserCheck Version:
Check system interface or documentation for version informationVerify Fix Applied:
Verify that script payloads in cookie parameters are properly sanitized and don't execute📡 Detection & Monitoring
Log Indicators:
- Unusual cookie values containing script tags or JavaScript code
- Multiple failed login attempts with suspicious cookie parameters
Network Indicators:
- HTTP requests with malicious script payloads in cookie headers
- Unusual redirects from the access control system
SIEM Query:
source="web_logs" AND (cookie CONTAINS "<script>" OR cookie CONTAINS "javascript:")🔗 References
- https://cxsecurity.com/issue/WLB-2021080063
- https://exchange.xforce.ibmcloud.com/vulnerabilities/207578
- https://packetstormsecurity.com/files/163834
- https://www.commax.com/
- https://www.vulncheck.com/advisories/commax-biometric-access-control-system-reflected-xss-via-cookie-parameters
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5660.php
