CVE-2021-4105 — CRITICAL (9.8)

Q: What is CVE-2021-4105?

CVE-2021-4105 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from 5.24.0.R.20180630 before 5.24.0.R.20210727.

Q: How severe is CVE-2021-4105?

CVE-2021-4105 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2021-4105?

Check the references section above for vendor advisories and patch information. Affected products include: Bg-Tek Coslat Bx5S1D3 Firmware, Bg-Tek Coslat Bx5S1D3, Bg-Tek Coslat Bx5S1D4 Firmware, Bg-Tek Coslat Bx5S1D4, Bg-Tek Coslat Bx5S1D5 Firmware.

Vulnerability Description

Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from 5.24.0.R.20180630 before 5.24.0.R.20210727.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Bg-Tek	Coslat Bx5S1D3 Firmware	>= 5.24.0.r.20180630, < 5.24.0.r.20210727
Bg-Tek	Coslat Bx5S1D3	-
Bg-Tek	Coslat Bx5S1D4 Firmware	>= 5.24.0.r.20180630, < 5.24.0.r.20210727
Bg-Tek	Coslat Bx5S1D4	-
Bg-Tek	Coslat Bx5S1D5 Firmware	>= 5.24.0.r.20180630, < 5.24.0.r.20210727
Bg-Tek	Coslat Bx5S1D5	-
Bg-Tek	Coslat Rm1Ds1000 Firmware	>= 5.24.0.r.20180630, < 5.24.0.r.20210727
Bg-Tek	Coslat Rm1Ds1000	-
Bg-Tek	Coslat Rm2Ds2000 Firmware	>= 5.24.0.r.20180630, < 5.24.0.r.20210727
Bg-Tek	Coslat Rm2Ds2000	-
Bg-Tek	Coslat Rm2S200 Firmware	>= 5.24.0.r.20180630, < 5.24.0.r.20210727
Bg-Tek	Coslat Rm2S200	-
Bg-Tek	Coslat Rm3S300 Firmware	>= 5.24.0.r.20180630, < 5.24.0.r.20210727
Bg-Tek	Coslat Rm3S300	-
Bg-Tek	Coslat Rm4S500 Firmware	>= 5.24.0.r.20180630, < 5.24.0.r.20210727
Bg-Tek	Coslat Rm4S500	-

Related Weaknesses (CWE)

CWE-755

References

http://blog.coslat.com/2021/07/onemli-kritik-guncelleme-2021-07-27.htmlVendor Advisory
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0108
https://www.usom.gov.tr/bildirim/tr-23-0108Third Party Advisory
http://blog.coslat.com/2021/07/onemli-kritik-guncelleme-2021-07-27.htmlVendor Advisory
https://www.usom.gov.tr/bildirim/tr-23-0108Third Party Advisory

FAQ

What is CVE-2021-4105?

CVE-2021-4105 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from 5.24.0.R.20180630 before 5.24.0.R.20210727.

How severe is CVE-2021-4105?

CVE-2021-4105 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2021-4105?

Check the references section above for vendor advisories and patch information. Affected products include: Bg-Tek Coslat Bx5S1D3 Firmware, Bg-Tek Coslat Bx5S1D3, Bg-Tek Coslat Bx5S1D4 Firmware, Bg-Tek Coslat Bx5S1D4, Bg-Tek Coslat Bx5S1D5 Firmware.