Vulnerability Description
An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addresses and netmasks against the internal Matcher list of IP addresses and subnets.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ipmatcher Project | Ipmatcher | <= 1.0.4.1 |
| Watsonwebserver Project | Watsonwebserver | <= 4.1.3 |
Related Weaknesses (CWE)
References
- https://github.com/jchristn/IpMatcherThird Party Advisory
- https://github.com/jchristn/IpMatcher/commit/81d77c2f33aa912dbd032b34b9e184fc6e0PatchThird Party Advisory
- https://github.com/jchristn/WatsonWebserverThird Party Advisory
- https://github.com/kaoudis/advisories/blob/main/0-2021.mdExploitThird Party Advisory
- https://github.com/jchristn/IpMatcherThird Party Advisory
- https://github.com/jchristn/IpMatcher/commit/81d77c2f33aa912dbd032b34b9e184fc6e0PatchThird Party Advisory
- https://github.com/jchristn/WatsonWebserverThird Party Advisory
- https://github.com/kaoudis/advisories/blob/main/0-2021.mdExploitThird Party Advisory
FAQ
What is CVE-2021-33318?
CVE-2021-33318 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validatio...
How severe is CVE-2021-33318?
CVE-2021-33318 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-33318?
Check the references section above for vendor advisories and patch information. Affected products include: Ipmatcher Project Ipmatcher, Watsonwebserver Project Watsonwebserver.