CVE-2024-21878

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection. This vulnerability is present in an internal script.This issue affects Envoy: from 4.x up to and including 8.x and is currently unpatched.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://csirt.divd.nl/CVE-2024-21878	Third Party Advisory
https://csirt.divd.nl/DIVD-2024-00011	Third Party Advisory
https://enphase.com/cybersecurity/advisories/ensa-2024-3	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:enphase:iq_gateway_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:enphase:iq_gateway:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-08-12 13:38

Updated : 2024-08-23 17:52

NVD link : CVE-2024-21878

Mitre link : CVE-2024-21878

CVE.ORG link : CVE-2024-21878

JSON object : View

Products Affected

enphase

iq_gateway
iq_gateway_firmware

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2024-21878", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "csirt@divd.nl", "cvssData": {"safety": "PRESENT", "version": "4.0", "recovery": "IRRECOVERABLE", "baseScore": 9.2, "automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:I/V:C/RE:H/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "LOW", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "HIGH", "subsequentSystemAvailability": "LOW", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "LOW", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-08-12T13:38:15.107", "references": [{"url": "https://csirt.divd.nl/CVE-2024-21878", "tags": ["Third Party Advisory"], "source": "csirt@divd.nl"}, {"url": "https://csirt.divd.nl/DIVD-2024-00011", "tags": ["Third Party Advisory"], "source": "csirt@divd.nl"}, {"url": "https://enphase.com/cybersecurity/advisories/ensa-2024-3", "tags": ["Vendor Advisory"], "source": "csirt@divd.nl"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "csirt@divd.nl", "description": [{"lang": "en", "value": "CWE-77"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Enphase IQ Gateway (formerly known as Envoy) allows OS Command Injection. This vulnerability is present in an internal script.This issue affects Envoy: from 4.x up to and including 8.x and is currently unpatched."}, {"lang": "es", "value": "La neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de comando (\"Inyecci\u00f3n de comando\") en Enphase IQ Gateway (anteriormente conocido como Envoy) permite la inyecci\u00f3n de comando del sistema operativo. Esta vulnerabilidad est\u00e1 presente en un script interno. Este problema afecta a Envoy: desde 4.x hasta 8.x inclusive y actualmente no est\u00e1 parcheado."}], "lastModified": "2024-08-23T17:52:11.777", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:enphase:iq_gateway_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "045C0178-42FE-4511-A182-AF3BA9545EF0", "versionEndExcluding": "8.2.4225", "versionStartIncluding": "4.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:enphase:iq_gateway:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "75882BE4-CF58-44B5-BA30-DD13BDFF78C0"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "csirt@divd.nl"}