Published:2021/10/18  Last Updated:2021/10/18

JVN#85073657
128 Technology Session Smart Router vulnerable to authentication bypass

Overview

128 Technology Session Smart Router (128T SSR) contains an authentication bypass vulnerability.

Products Affected

  • 128 Technology Session Smart Router versions from 4.4 to 5.0.1

Description

128 Technology Session Smart Router provided by 128 Technology contains an authentication bypass vulnerability (CWE-287).

Impact

A remote attacker may bypass the authentication and execute an arbitrary OS command with the root privilege.

Solution

Update the software
Update the software to the latest version according to the information provided by the developer.
According to the developer, 128T SSR 4.4 series is no longer supported and to continue using 4 series, users need to upgrade to 4.5.11. Also, 128T SSR 5.0.0 or 5.0.1 users need to upgrade to 5.1.6 or later.
For more information on upgrading, see Upgrading the 128T Networking Platform.

Vendor Status

Vendor Link
128 Technology 2021-10 Security Bulletin: Session Smart Router: Authentication Bypass Vulnerability (CVE-2021-31349)
Upgrading the 128T Networking Platform

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score: 9.8
Attack Vector(AV) Physical (P) Local (L) Adjacent (A) Network (N)
Attack Complexity(AC) High (H) Low (L)
Privileges Required(PR) High (H) Low (L) None (N)
User Interaction(UI) Required (R) None (N)
Scope(S) Unchanged (U) Changed (C)
Confidentiality Impact(C) None (N) Low (L) High (H)
Integrity Impact(I) None (N) Low (L) High (H)
Availability Impact(A) None (N) Low (L) High (H)
CVSS v2 AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score: 7.5
Access Vector(AV) Local (L) Adjacent Network (A) Network (N)
Access Complexity(AC) High (H) Medium (M) Low (L)
Authentication(Au) Multiple (M) Single (S) None (N)
Confidentiality Impact(C) None (N) Partial (P) Complete (C)
Integrity Impact(I) None (N) Partial (P) Complete (C)
Availability Impact(A) None (N) Partial (P) Complete (C)

Credit

Genta Kataoka of IERAE SECURITY INC. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2021-31349
JVN iPedia JVNDB-2021-000091