CVE-2021-25668: Siemens Web Server缓冲区错误漏洞

获取后续新漏洞提醒登录后订阅

一、漏洞 CVE-2021-25668 基础信息

漏洞信息

对漏洞内容有疑问？看看神龙的深度分析是否有帮助！

查看神龙十问 ↗

尽管我们使用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性，但请您根据实际情况进行核实和判断。

Vulnerability Title

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Description

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT (All versions < 5.5.1), SCALANCE X201-3P IRT PRO (All versions < 5.5.1), SCALANCE X202-2 IRT (All versions < 5.5.1), SCALANCE X202-2P IRT (incl. SIPLUS NET variant) (All versions < 5.5.1), SCALANCE X202-2P IRT PRO (All versions < 5.5.1), SCALANCE X204 IRT (All versions < 5.5.1), SCALANCE X204 IRT PRO (All versions < 5.5.1), SCALANCE X204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2FM (All versions < V5.2.5), SCALANCE X204-2LD (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X204-2LD TS (All versions < V5.2.5), SCALANCE X204-2TS (All versions < V5.2.5), SCALANCE X206-1 (All versions < V5.2.5), SCALANCE X206-1LD (All versions < V5.2.5), SCALANCE X208 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X208PRO (All versions < V5.2.5), SCALANCE X212-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE X212-2LD (All versions < V5.2.5), SCALANCE X216 (All versions < V5.2.5), SCALANCE X224 (All versions < V5.2.5), SCALANCE XF201-3P IRT (All versions < 5.5.1), SCALANCE XF202-2P IRT (All versions < 5.5.1), SCALANCE XF204 (All versions < V5.2.5), SCALANCE XF204 IRT (All versions < 5.5.1), SCALANCE XF204-2 (incl. SIPLUS NET variant) (All versions < V5.2.5), SCALANCE XF204-2BA IRT (All versions < 5.5.1), SCALANCE XF206-1 (All versions < V5.2.5), SCALANCE XF208 (All versions < V5.2.5). Incorrect processing of POST requests in the webserver may result in write out of bounds in heap. An attacker might leverage this to cause denial-of-service on the device and potentially remotely execute code.

来源: 美国国家漏洞数据库 NVD

CVSS Information

N/A

来源: 美国国家漏洞数据库 NVD

Vulnerability Type

堆缓冲区溢出

来源: 美国国家漏洞数据库 NVD

Vulnerability Title

Siemens Web Server缓冲区错误漏洞

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Description

Siemens Web Server是德国西门子（Siemens）公司的一个web服务器。 Siemens Web Server存在缓冲区错误漏洞，该漏洞源于web服务器对POST请求的不正确处理可能会使栈写入越界。攻击者可利用该漏洞导致拒绝服务或远程执行代码。以下产品或版本受到影响：SCALANCE X200-4P IRT、SCALANCE X201-3P IRT、SCALANCE X201-3P IRT PRO、SCALANCE X202-2 IRT、SCALANCE X202-2P IRT、SCAL

来源: 中国国家信息安全漏洞库 CNNVD

CVSS Information

N/A

来源: 中国国家信息安全漏洞库 CNNVD

Vulnerability Type

N/A

来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商	产品	影响版本	CPE
Siemens	SCALANCE X200-4P IRT	All versions < 5.5.1	-
Siemens	SCALANCE X201-3P IRT	All versions < 5.5.1	-
Siemens	SCALANCE X201-3P IRT PRO	All versions < 5.5.1	-
Siemens	SCALANCE X202-2 IRT	All versions < 5.5.1	-
Siemens	SCALANCE X202-2P IRT (incl. SIPLUS NET variant)	All versions < 5.5.1	-
Siemens	SCALANCE X202-2P IRT PRO	All versions < 5.5.1	-
Siemens	SCALANCE X204 IRT	All versions < 5.5.1	-
Siemens	SCALANCE X204 IRT PRO	All versions < 5.5.1	-
Siemens	SCALANCE X204-2 (incl. SIPLUS NET variant)	All versions < V5.2.5	-
Siemens	SCALANCE X204-2FM	All versions < V5.2.5	-
Siemens	SCALANCE X204-2LD (incl. SIPLUS NET variant)	All versions < V5.2.5	-
Siemens	SCALANCE X204-2LD TS	All versions < V5.2.5	-
Siemens	SCALANCE X204-2TS	All versions < V5.2.5	-
Siemens	SCALANCE X206-1	All versions < V5.2.5	-
Siemens	SCALANCE X206-1LD	All versions < V5.2.5	-
Siemens	SCALANCE X208 (incl. SIPLUS NET variant)	All versions < V5.2.5	-
Siemens	SCALANCE X208PRO	All versions < V5.2.5	-
Siemens	SCALANCE X212-2 (incl. SIPLUS NET variant)	All versions < V5.2.5	-
Siemens	SCALANCE X212-2LD	All versions < V5.2.5	-
Siemens	SCALANCE X216	All versions < V5.2.5	-
Siemens	SCALANCE X224	All versions < V5.2.5	-
Siemens	SCALANCE XF201-3P IRT	All versions < 5.5.1	-
Siemens	SCALANCE XF202-2P IRT	All versions < 5.5.1	-
Siemens	SCALANCE XF204	All versions < V5.2.5	-
Siemens	SCALANCE XF204 IRT	All versions < 5.5.1	-
Siemens	SCALANCE XF204-2 (incl. SIPLUS NET variant)	All versions < V5.2.5	-
Siemens	SCALANCE XF204-2BA IRT	All versions < 5.5.1	-
Siemens	SCALANCE XF206-1	All versions < V5.2.5	-
Siemens	SCALANCE XF208	All versions < V5.2.5	-

二、漏洞 CVE-2021-25668 的公开POC

#	POC 描述	源链接	神龙链接

AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2021-25668 的情报信息

Please 登录 to view more intelligence information

IV. Related Vulnerabilities

Same product: SCALANCE X200-4P IRT

Same vendor: Siemens

Same weakness: CWE-122

V. Comments for CVE-2021-25668

暂无评论

支持本站 — 捐款将帮助我们持续运营

一、漏洞 CVE-2021-25668 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2021-25668 的公开POC

三、漏洞 CVE-2021-25668 的情报信息

IV. Related Vulnerabilities

V. Comments for CVE-2021-25668

发表评论

支持本站 — 捐款将帮助我们持续运营

一、 漏洞 CVE-2021-25668 基础信息

漏洞信息

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

受影响产品

二、漏洞 CVE-2021-25668 的公开POC

三、漏洞 CVE-2021-25668 的情报信息

IV. Related Vulnerabilities

V. Comments for CVE-2021-25668

发表评论

一、漏洞 CVE-2021-25668 基础信息