CVE-2021-47747
📋 TL;DR
This vulnerability allows authenticated attackers to execute arbitrary system commands with administrative privileges on hosts running the meterN energy monitoring software. The injection point is the POST parameters accepted by the admin scripts, which gives the attacker remote code execution. Organizations running meterN 1.2.3 are affected.
💻 Affected Systems
- meterN
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise allowing attackers to install persistent backdoors, exfiltrate sensitive data, pivot to other systems, or deploy ransomware.
Likely Case
Attackers gain administrative shell access to the meterN server, enabling data theft, system manipulation, and potential lateral movement within the network.
If Mitigated
Limited impact due to network segmentation, strong authentication controls, and proper input validation preventing command injection.
🎯 Exploit Status
Exploit requires authenticated access but is trivial to execute once credentials are obtained.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: https://web.archive.org/web/20210617084455/https://www.metern.org/
Restart Required: No
Instructions:
No official patch available. Consider upgrading to a newer version if available or implementing workarounds.
🔧 Temporary Workarounds
Input Validation Filter
All platforms: Add input validation to filter dangerous characters from the COMMANDx and LIVECOMMANDx parameters.
Modify admin_meter2.php and admin_indicator2.php to sanitize user input before it reaches any command execution.
File Restriction
Linux: Restrict access to the vulnerable admin scripts using web server configuration. Both scripts named in this advisory are covered below; note that the admin functions they provide stay unavailable until a patched version is installed.
Apache:
    <LocationMatch "^/admin_(meter2|indicator2)\.php$">
        Require all denied
    </LocationMatch>
Nginx:
    location ~ ^/admin_(meter2|indicator2)\.php$ { deny all; }
🧯 If You Can't Patch
- Implement strict network segmentation to isolate meterN systems from critical infrastructure
- Enforce strong authentication policies and monitor for suspicious admin account activity
🔍 How to Verify
Check if Vulnerable:
Check whether the meterN version is 1.2.3 and whether the admin_meter2.php and admin_indicator2.php scripts exist and accept POST parameters
Check Version:
Check meterN configuration files or web interface for version information
Verify Fix Applied:
Test if COMMANDx and LIVECOMMANDx parameters are properly sanitized or blocked
📡 Detection & Monitoring
Log Indicators:
- POST requests to admin_meter2.php or admin_indicator2.php with COMMANDx/LIVECOMMANDx parameters
- Unusual system commands executed by the web server process
Network Indicators:
- HTTP POST requests containing shell metacharacters or command injection patterns
SIEM Query:
source="web_logs" AND (uri="/admin_meter2.php" OR uri="/admin_indicator2.php") AND (param="COMMAND*" OR param="LIVECOMMAND*")
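As an added example that is not part of this advisory or of meterN, the following Python check applies the log indicators above to request records. It assumes a request log that captures POST bodies (for example a WAF or audit log); the sample records, the parameter names and the metacharacter list are constructed for the demonstration.

```python
"""Added example (not part of the advisory): flag HTTP requests that match the
CVE-2021-47747 log indicators. Assumes request bodies are available, e.g. from
a WAF or web server audit log. Sample records below are constructed."""
import re
from urllib.parse import parse_qs

# The two admin scripts named in the advisory.
TARGET_SCRIPTS = {"/admin_meter2.php", "/admin_indicator2.php"}
# COMMANDx / LIVECOMMANDx: the trailing index varies, so match the prefix.
PARAM_RE = re.compile(r"^(LIVE)?COMMAND\d*$", re.IGNORECASE)
# Shell metacharacters that should not appear in a meter command string
# (constructed list; extend to match the local environment).
META_RE = re.compile(r"[;&|`$<>(){}\n]")


def classify_request(method, uri, body):
    """Return a list of reasons the request is suspicious (empty = clean)."""
    path = uri.split("?", 1)[0]
    reasons = []
    if method.upper() != "POST" or path not in TARGET_SCRIPTS:
        return reasons
    params = parse_qs(body, keep_blank_values=True)
    for name, values in params.items():
        if not PARAM_RE.match(name):
            continue
        reasons.append(f"{name} submitted to {path}")
        if any(META_RE.search(value) for value in values):
            reasons.append(f"shell metacharacters in {name}")
    return reasons


# Constructed sample records: (method, uri, url-encoded body).
SAMPLE_REQUESTS = [
    ("POST", "/admin_meter2.php", "COMMAND1=cat+%2Ftmp%2Fmeter.txt&NAME=kitchen"),
    ("POST", "/admin_indicator2.php", "LIVECOMMAND2=date+%3B+hostname"),
    ("GET", "/admin_meter2.php", ""),
    ("POST", "/index.php", "COMMAND1=anything%3Bhostname"),
]


def scan(records):
    """Return (uri, reasons) for every record that triggers an indicator."""
    hits = []
    for method, uri, body in records:
        reasons = classify_request(method, uri, body)
        if reasons:
            hits.append((uri, reasons))
    return hits


if __name__ == "__main__":
    for uri, reasons in scan(SAMPLE_REQUESTS):
        print(uri, "->", "; ".join(reasons))
```

A plain COMMANDx submission is reported on its own, since legitimate admin edits also travel through these parameters; the metacharacter reason is what separates a likely injection attempt from routine configuration changes.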