info[at]nsec.ir
(+۹۸)-۳۱-۳۳۹۱۵۳۳۶

آسیب‌پذیری‌های حیاتی هفته چهارم بهمن‌ماه

 

این هفته آسیب‌پذیری‌های «حیاتی» و «پرخطر» بسیاری در محصولات مهم Microsoft گزارش و وصله‌ها و به‌روزرسانی‌هایی به منظور رفع آن‌ها ارائه شد.  همچنین در  محصولات شرکت‌های Adobe، Dell، D-Link، F5،  Fortinet، Foxit، Google، HPE، IBM، McAfee، Siemens، SUSE وکرنل لینوکس چندین آسیب‌پذیری «حیاتی» و «پرخطر» وجود داشت.

لیست این آسیب‌پذیری‌ها به‌همراه سطح خطر آن‌ها در جدول زیر آمده است.

شناسه آسیب‌پذیری

امتیاز مبنا

عنوان آسیب‌پذیری

ارزش روز صفر

رفع آسیب‌پذیری

CVE-2020-13572

۶.۳

AccuSoft ImageGear GIF Parser heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-13585

۶.۳

AccuSoft ImageGear PSD Header out-of-bounds write

$۲k-$5k

Not Defined

CVE-2020-13571

۶.۳

AccuSoft ImageGear SGI RLE Decompression out-of-bounds write

$۲k-$5k

Not Defined

CVE-2020-13561

۵.۵

AccuSoft ImageGear TIFF Parser out-of-bounds write

$۲k-$5k

Not Defined

CVE-2021-21060

۴.۶

Adobe Acrobat information disclosure

$۱۰k-$25k

Official Fix

CVE-2021-21061

۳.۳

Adobe Acrobat PDF File use after free

$۲۵k-$50k

Official Fix

CVE-2021-21045

۸.۲

Adobe Acrobat Reader access control

$۲۵k-$50k

Official Fix

CVE-2021-21017

۸.۸

Adobe Acrobat Reader heap-based overflow

$۲۵k-$50k

Official Fix

CVE-2021-21036

۷.۸

Adobe Acrobat Reader integer overflow

$۱۰k-$25k

Official Fix

CVE-2021-21044

۷.۸

Adobe Acrobat Reader JPEG File out-of-bounds write

$۲۵k-$50k

Official Fix

CVE-2021-21038

۷.۸

Adobe Acrobat Reader JPEG File out-of-bounds write

$۲۵k-$50k

Official Fix

CVE-2021-21046

۳.۳

Adobe Acrobat Reader memory corruption

$۲۵k-$50k

Official Fix

CVE-2021-21042

۶.۵

Adobe Acrobat Reader out-of-bounds read

$۱۰k-$25k

Official Fix

CVE-2021-21034

۴.۳

Adobe Acrobat Reader out-of-bounds read

$۵k-$10k

Official Fix

CVE-2021-21037

۷.۸

Adobe Acrobat Reader path traversal

$۱۰k-$25k

Official Fix

CVE-2021-21063

۷.۸

Adobe Acrobat Reader PDF File memory corruption

$۲۵k-$50k

Official Fix

CVE-2021-21062

۷.۸

Adobe Acrobat Reader PDF File memory corruption

$۲۵k-$50k

Official Fix

CVE-2021-21059

۷.۸

Adobe Acrobat Reader PDF File memory corruption

$۲۵k-$50k

Official Fix

CVE-2021-21058

۷.۸

Adobe Acrobat Reader PDF File memory corruption

$۲۵k-$50k

Official Fix

CVE-2021-21057

۶.۶

Adobe Acrobat Reader PDF File null pointer dereference

$۱۰k-$25k

Official Fix

CVE-2021-21041

۷.۸

Adobe Acrobat Reader use after free

$۲۵k-$50k

Official Fix

CVE-2021-21040

۷.۸

Adobe Acrobat Reader use after free

$۲۵k-$50k

Official Fix

CVE-2021-21039

۷.۸

Adobe Acrobat Reader use after free

$۲۵k-$50k

Official Fix

CVE-2021-21035

۸.۸

Adobe Acrobat Reader use after free

$۲۵k-$50k

Official Fix

CVE-2021-21033

۸.۸

Adobe Acrobat Reader use after free

$۲۵k-$50k

Official Fix

CVE-2021-21028

۸.۸

Adobe Acrobat Reader use after free

$۲۵k-$50k

Official Fix

CVE-2021-21021

۸.۸

Adobe Acrobat Reader use after free

$۲۵k-$50k

Official Fix

CVE-2021-21052

۷.۸

Adobe Animate out-of-bounds write

$۵k-$10k

Official Fix

CVE-2021-21055

۶.۲

Adobe Dreamweaver untrusted search path

$۲k-$5k

Official Fix

CVE-2021-21054

۷.۸

Adobe Illustrator out-of-bounds write

$۵k-$10k

Official Fix

CVE-2021-21053

۷.۸

Adobe Illustrator out-of-bounds write

$۵k-$10k

Official Fix

CVE-2021-21051

۷.۸

Adobe Photoshop Javascript File buffer overflow

$۵k-$10k

Official Fix

CVE-2021-21048

۷.۸

Adobe Photoshop memory corruption

$۵k-$10k

Official Fix

CVE-2021-21050

۷.۸

Adobe Photoshop out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-21049

۷.۸

Adobe Photoshop out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-21047

۷.۸

Adobe Photoshop out-of-bounds write

$۵k-$10k

Official Fix

CVE-2021-22652

۶.۳

Advantech iView Configuration missing authentication

$۱k-$2k

Official Fix

CVE-2021-22656

۳.۵

Advantech iView pathname traversal

$۱k-$2k

Official Fix

CVE-2021-22658

۵.۵

Advantech iView sql injection

$۱k-$2k

Official Fix

CVE-2021-22654

۶.۳

Advantech iView sql injection

$۱k-$2k

Official Fix

CVE-2020-13949

۳.۵

Apache Thrift Short Message denial of service

$۲k-$5k

Not Defined

CVE-2020-36237

۵.۳

Atlassian JIRA Server/Data Center Custom Field information disclosure

$۱k-$2k

Official Fix

CVE-2020-36235

۵.۳

Atlassian JIRA Server/Data Center Custom Field information disclosure

$۱k-$2k

Official Fix

CVE-2020-36236

۳.۵

Atlassian JIRA Server/Data Center Endpoint ViewWorkflowSchemes.jspa cross site scripting

$۰-$۱k

Official Fix

CVE-2020-29451

۴.۳

Atlassian JIRA Server/Data Center Plugin Report Page information disclosure

$۱k-$2k

Official Fix

CVE-2020-36234

۳.۵

Atlassian JIRA Server/Data Center Screens Modal View cross site scripting

$۰-$۱k

Official Fix

CVE-2019-19004

۵.۵

AutoTrace Bitmap Image input-bmp.c malloc integer overflow

$۲k-$5k

Official Fix

CVE-2019-19005

۵.۵

AutoTrace Bitmap Image main.c use after free

$۲k-$5k

Official Fix

CVE-2020-22840

۶.۱

b2evolution email_passthrough.php redirect

$۱k-$2k

Official Fix

CVE-2020-22839

۶.۱

b2evolution evoadm.php cross site scripting

$۰-$۱k

Not Defined

CVE-2020-22841

۴.۸

b2evolution Plugin Module cross site scripting

$۰-$۱k

Not Defined

CVE-2021-26528

۶.۳

Cesanta Mongoose Connection Request mg_http_serve_file out-of-bounds write

$۲k-$5k

Not Defined

CVE-2021-26530

۶.۳

Cesanta Mongoose Connection Request mg_tls_init out-of-bounds write

$۲k-$5k

Not Defined

CVE-2021-26529

۶.۳

Cesanta Mongoose Connection Request mg_tls_init out-of-bounds write

$۲k-$5k

Not Defined

CVE-2021-26675

۵.۵

ConnMan dnsproxy stack-based overflow

$۲k-$5k

Official Fix

CVE-2021-26676

۳.۵

ConnMan gdhcp information disclosure

$۰-$۱k

Official Fix

CVE-2021-25835

۶.۳

Cosmos Ethermint EVM Module authentication replay

$۱k-$2k

Not Defined

CVE-2021-25834

۶.۳

Cosmos Ethermint EVM Module authentication replay

$۱k-$2k

Not Defined

CVE-2021-25836

۵.۵

Cosmos Ethermint EVM Module state issue

$۱k-$2k

Not Defined

CVE-2021-25837

۵.۵

Cosmos Ethermint EVM Module unknown vulnerability

$۲k-$5k

Not Defined

CVE-2020-26195

۵.۳

Dell EMC PowerScale OneFS Directory insufficient permissions or privileges

$۱۰k-$25k

Not Defined

CVE-2020-26196

۵.۵

Dell EMC PowerScale OneFS File System permission assignment

$۵k-$10k

Official Fix

CVE-2020-26191

۷.۸

Dell EMC PowerScale OneFS Job privileges management

$۵k-$10k

Official Fix

CVE-2020-26192

۷.۸

Dell EMC PowerScale OneFS missing authentication

$۲k-$5k

Official Fix

CVE-2020-26193

۷.۸

Dell EMC PowerScale OneFS os command injection

$۵k-$10k

Official Fix

CVE-2020-26194

۷.۸

Dell EMC PowerScale OneFS permission assignment

$۵k-$10k

Official Fix

CVE-2021-21502

۹.۸

Dell EMC PowerScale OneFS Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-27864

۸.۸

D-Link DAP-1860 HNAP Service command injection

$۱۰k-$25k

Not Defined

CVE-2020-27865

۸.۸

D-Link DAP-1860 uhttpd authentication bypass

$۱۰k-$25k

Not Defined

CVE-2020-27863

۶.۵

D-Link DVA-2800/DSL-2888A dhttpd authentication bypass

$۵k-$10k

Not Defined

CVE-2020-27862

۸.۸

D-Link DVA-2800/DSL-2888A dhttpd command injection

$۱۰k-$25k

Not Defined

CVE-2021-20651

۶.۳

Elecom File Manager pathname traversal

$۱k-$2k

Not Defined

CVE-2021-20643

۶.۳

Elecom LD-PS-U1 access control

$۲k-$5k

Not Defined

CVE-2021-20650

۳.۵

Elecom NCC-EWF100RMWH2 cross-site request forgery

$۰-$۱k

Not Defined

CVE-2021-20644

۳.۵

Elecom WRC-1467GHBK-A Web Setup Page cross site scripting

$۰-$۱k

Not Defined

CVE-2021-20645

۳.۵

Elecom WRC-300FEBK-A cross site scripting

$۰-$۱k

Not Defined

CVE-2021-20646

۳.۵

Elecom WRC-300FEBK-A cross-site request forgery

$۰-$۱k

Not Defined

CVE-2021-20649

۵.۶

Elecom WRC-300FEBK-S certificate validation

$۱k-$2k

Not Defined

CVE-2021-20647

۳.۵

Elecom WRC-300FEBK-S cross-site request forgery

$۰-$۱k

Not Defined

CVE-2021-20648

۴.۳

Elecom WRC-300FEBK-S os command injection

$۱k-$2k

Not Defined

CVE-2021-26222

۵.۵

ezXML XML File ezxml_new out-of-bounds write

$۲k-$5k

Not Defined

CVE-2021-26221

۵.۵

ezXML XML File ezxml_new out-of-bounds write

$۲k-$5k

Not Defined

CVE-2021-26220

۵.۵

ezXML XML File ezxml_toxml out-of-bounds write

$۲k-$5k

Not Defined

CVE-2021-22983

۳.۵

F5 BIG-IP AFM Configuration Utility cross site scripting

$۲k-$5k

Official Fix

CVE-2021-22980

۷.۳

F5 BIG-IP APM Client Troubleshooting Utility Edge Client untrusted search path

$۱۰k-$25k

Official Fix

CVE-2021-22985

۳.۵

F5 BIG-IP APM VPN Traffic memory allocation

$۲k-$5k

Official Fix

CVE-2021-22984

۴.۳

F5 BIG-IP ASM/Advanced WAF Client Request redirect

$۵k-$10k

Official Fix

CVE-2021-22976

۳.۵

F5 BIG-IP ASM/Advanced WAF Websocket resource consumption

$۲k-$5k

Official Fix

CVE-2021-22979

۳.۵

F5 BIG-IP Configuration utility cross site scripting

$۲k-$5k

Official Fix

CVE-2021-22982

۵.۵

F5 BIG-IP DNS/BIG-IP GTM big3d buffer overflow

$۱۰k-$25k

Official Fix

CVE-2021-22978

۳.۵

F5 BIG-IP iControl REST Endpoint cross site scripting

$۲k-$5k

Official Fix

CVE-2021-22973

۳.۵

F5 BIG-IP JSON Parser out-of-bounds read

$۲k-$5k

Official Fix

CVE-2021-22981

۳.۷

F5 BIG-IP TLS Protocol certificate validation

$۵k-$10k

Not Defined

CVE-2021-22977

۳.۵

F5 BIG-IP TMM denial of service

$۲k-$5k

Not Defined

CVE-2021-22975

۳.۵

F5 BIG-IP Traffic Management Microkernel denial of service

$۲k-$5k

Official Fix

CVE-2021-22974

۵.۵

F5 BIG-IP/BIG-IQ iControl REST race condition

$۲k-$5k

Official Fix

CVE-2021-27169

۵.۵

FiberHome AN5506-04-FA hard-coded password

$۱k-$2k

Not Defined

CVE-2021-27173

۶.۳

FiberHome HG6245D API improper authentication

$۱k-$2k

Not Defined

CVE-2021-27171

۸.۰

FiberHome HG6245D CLI unknown vulnerability

$۲k-$5k

Not Defined

CVE-2021-27170

۷.۳

FiberHome HG6245D Firewall access control

$۲k-$5k

Workaround

CVE-2021-27168

۶.۳

FiberHome HG6245D hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27166

۵.۵

FiberHome HG6245D hard-coded password

$۱k-$2k

Not Defined

CVE-2021-27139

۴.۳

FiberHome HG6245D info.asp information disclosure

$۱k-$2k

Not Defined

CVE-2021-27167

۵.۵

FiberHome HG6245D libci_adaptation_layer.so init_3bb_password unknown vulnerability

$۲k-$5k

Not Defined

CVE-2021-27178

۲.۳

FiberHome HG6245D NVRAM missing encryption

$۰-$۱k

Not Defined

CVE-2021-27142

۵.۵

FiberHome HG6245D Private Key permission

$۱k-$2k

Not Defined

CVE-2021-27172

۴.۳

FiberHome HG6245D system-config.sh hard-coded password

$۱k-$2k

Not Defined

CVE-2021-27179

۴.۳

FiberHome HG6245D Telnet Daemon denial of service

$۰-$۱k

Not Defined

CVE-2021-27165

۷.۳

FiberHome HG6245D Telnet Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27177

۷.۳

FiberHome HG6245D Telnet Server improper authentication

$۱k-$2k

Not Defined

CVE-2021-27141

۴.۳

FiberHome HG6245D umconfig.txt hard-coded key

$۰-$۱k

Not Defined

CVE-2021-27164

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27163

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27162

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27161

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27160

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27159

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27158

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27157

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27156

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27155

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27154

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27153

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27152

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27151

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27150

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27149

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27148

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27147

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27146

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27145

۷.۳

FiberHome HG6245D Web Daemon hard-coded credentials

$۱k-$2k

Not Defined

CVE-2021-27144

۶.۳

FiberHome HG6245D Web Daemon hard-coded password

$۱k-$2k

Not Defined

CVE-2021-27143

۶.۳

FiberHome HG6245D Web Daemon hard-coded password

$۱k-$2k

Not Defined

CVE-2021-27140

۴.۳

FiberHome HG6245D web.log log file

$۱k-$2k

Not Defined

CVE-2021-27174

۴.۳

FiberHome HG6245D wifi_custom.cfg permission

$۲k-$5k

Not Defined

CVE-2021-27175

۴.۳

FiberHome HG6245D wifictl_2g.cfg permission

$۲k-$5k

Not Defined

CVE-2021-27176

۴.۳

FiberHome HG6245D wifictl_5g.cfg permission

$۲k-$5k

Not Defined

CVE-2020-6649

۹.۸

Fortinet FortiIsolator session expiration

$۱k-$2k

Official Fix

CVE-2021-22122

۶.۱

Fortinet FortiWeb API Endpoint cross site scripting

$۰-$۱k

Official Fix

CVE-2020-17423

۷.۸

Foxit Studio Photo ARW File heap-based overflow

$۲k-$5k

Official Fix

CVE-2020-17434

۷.۸

Foxit Studio Photo ARW File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-17436

۷.۸

Foxit Studio Photo CMP File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-17433

۷.۸

Foxit Studio Photo CMP File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-17429

۷.۸

Foxit Studio Photo CMP File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-17428

۳.۳

Foxit Studio Photo CMP File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-17426

۷.۸

Foxit Studio Photo CR2 File memory corruption

$۲k-$5k

Official Fix

CVE-2020-27856

۷.۸

Foxit Studio Photo CR2 File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-17435

۷.۸

Foxit Studio Photo CR2 File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-17432

۷.۸

Foxit Studio Photo CR2 File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-17431

۷.۸

Foxit Studio Photo CR2 File out-of-bounds write

$۲k-$5k

Official Fix

CVE-2020-17430

۷.۸

Foxit Studio Photo CR2 File out-of-bounds write

$۲k-$5k

Official Fix

CVE-2020-17422

۳.۳

Foxit Studio Photo EPS File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-17425

۷.۸

Foxit Studio Photo EPS File out-of-bounds write

$۲k-$5k

Official Fix

CVE-2020-17424

۷.۸

Foxit Studio Photo EZI File out-of-bounds write

$۲k-$5k

Official Fix

CVE-2020-17418

۷.۸

Foxit Studio Photo EZIX File buffer overflow

$۲k-$5k

Official Fix

CVE-2020-17427

۷.۸

Foxit Studio Photo NEF File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-17420

۳.۳

Foxit Studio Photo NEF File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-27857

۷.۸

Foxit Studio Photo NEF File out-of-bounds write

$۲k-$5k

Official Fix

CVE-2020-17421

۷.۸

Foxit Studio Photo NEF File out-of-bounds write

$۲k-$5k

Official Fix

CVE-2020-17419

۷.۸

Foxit Studio Photo NEF File out-of-bounds write

$۲k-$5k

Official Fix

CVE-2020-27855

۷.۸

Foxit Studio Photo SR2 File out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-13574

۷.۵

Genivia gSOAP SOAP Request denial of service

$۰-$۱k

Not Defined

CVE-2020-13575

۷.۵

Genivia gSOAP WS-Addressing Plugin denial of service

$۰-$۱k

Not Defined

CVE-2020-13576

۹.۸

Genivia gSOAP WS-Addressing Plugin Remote Privilege Escalation

$۲k-$5k

Not Defined

CVE-2020-13578

۷.۵

Genivia gSOAP WS-Security Plugin denial of service

$۰-$۱k

Not Defined

CVE-2020-13577

۷.۵

Genivia gSOAP WS-Security Plugin denial of service

$۰-$۱k

Not Defined

CVE-2021-0327

۷.۸

Google Android ActivityManagerService.java getContentProviderImpl permission

$۲۵k-$50k

Official Fix

CVE-2021-0329

۷.۸

Google Android Bluetooth AdvertiseManager.java out-of-bounds write

$۲۵k-$50k

Official Fix

CVE-2021-0333

۷.۳

Google Android Bluetooth BluetoothPermissionActivity.java onCreate permission

$۲۵k-$50k

Official Fix

CVE-2021-0328

۷.۸

Google Android Bluetooth Scan GattService.java deliverBatchScan permission

$۲۵k-$50k

Official Fix

CVE-2021-0336

۷.۸

Google Android BluetoothPermissionRequest.java onReceive permission

$۲۵k-$50k

Official Fix

CVE-2021-0335

۶.۵

Google Android C2SoftHevcDec.cpp process out-of-bounds write

$۵۰k-$100k