fkie_cve-2021-27860
Vulnerability from fkie_nvd
Published
2021-12-08 17:15
Modified
2025-10-24 14:13
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p92 and 10.2.2r44p1 allows a remote, unauthenticated attacker to upload a file to any location on the filesystem. The FatPipe advisory identifier for this vulnerability is FPSA006.
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | https://www.fatpipeinc.com/support/cve-list.php | Vendor Advisory | |
| cret@cert.org | https://www.ic3.gov/Media/News/2021/211117-2.pdf | Exploit, Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.fatpipeinc.com/support/cve-list.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ic3.gov/Media/News/2021/211117-2.pdf | Exploit, Mitigation, Third Party Advisory, US Government Resource | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-27860 | US Government Resource |
Impacted products
{
"cisaActionDue": "2022-01-24",
"cisaExploitAdd": "2022-01-10",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:5.2.0:r34:*:*:*:*:*:*",
"matchCriteriaId": "C11DB09F-2C14-470E-88B9-19AA1CB9D13A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p26:*:*:*:*:*:*",
"matchCriteriaId": "8B1511DD-B05D-4441-9FEE-4AE5B99AD765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p45-m:*:*:*:*:*:*",
"matchCriteriaId": "A544091F-16BB-4942-8C5D-78BAB27763D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:6.1.2:r70p75-m:*:*:*:*:*:*",
"matchCriteriaId": "CF6314CA-0BC5-4EA8-8169-5A3AA83EDC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:7.1.2:r39:*:*:*:*:*:*",
"matchCriteriaId": "FE36BBDB-5A65-4F61-8749-883E59300639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r129:*:*:*:*:*:*",
"matchCriteriaId": "A79A392B-0607-4C83-8D1F-45F99354CF93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r144:*:*:*:*:*:*",
"matchCriteriaId": "39FD234C-69BF-4A59-A5B6-BA962D4A86EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r150:*:*:*:*:*:*",
"matchCriteriaId": "1A2B1AB1-BF7C-4BD6-819A-A71340D00BD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r156:*:*:*:*:*:*",
"matchCriteriaId": "6C72012D-F06D-40BB-B361-44CE980C7B4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p12:*:*:*:*:*:*",
"matchCriteriaId": "961268B1-E804-4291-AA38-F2905B98285F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p16:*:*:*:*:*:*",
"matchCriteriaId": "87F0BAD3-7145-496C-823D-C035AB73D5CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p17:*:*:*:*:*:*",
"matchCriteriaId": "86FA270B-1EEF-4506-B3F8-0019E1965E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p2:*:*:*:*:*:*",
"matchCriteriaId": "D6DAAB93-C2E9-4097-BB7E-A22C37860302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p20:*:*:*:*:*:*",
"matchCriteriaId": "BD8347A2-BAF5-420D-A52A-2A7B1BFE5619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p26:*:*:*:*:*:*",
"matchCriteriaId": "FF28B01F-9E9C-4703-9418-5CDA93305885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r161p3:*:*:*:*:*:*",
"matchCriteriaId": "EA076D5B-9EDA-4DCB-BF15-5C361DE6F975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164:*:*:*:*:*:*",
"matchCriteriaId": "63B936C2-F61D-4E75-B7F7-4DD4A9735FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164p4:*:*:*:*:*:*",
"matchCriteriaId": "54ED4A12-F805-4A79-B083-0473BD5003EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r164p5:*:*:*:*:*:*",
"matchCriteriaId": "BFEE2206-4D60-4C9E-A874-A4F23FF59059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r165:*:*:*:*:*:*",
"matchCriteriaId": "77D045E8-12A8-4EDF-A423-F840CB2CF0AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r180p2:*:*:*:*:*:*",
"matchCriteriaId": "9A22D90B-E219-47A3-8396-820CD58A052A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:9.1.2:r185:*:*:*:*:*:*",
"matchCriteriaId": "682F18C0-D9CD-44BC-8C72-A50F4B4741CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p10:*:*:*:*:*:*",
"matchCriteriaId": "22CA1387-CD4F-45AE-A9CC-68E5538CDA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p13:*:*:*:*:*:*",
"matchCriteriaId": "5E46BE6C-734A-4D81-9BFB-24160B9A2477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p32:*:*:*:*:*:*",
"matchCriteriaId": "BC05A847-376E-48C1-B7BC-1095610FF846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p35:*:*:*:*:*:*",
"matchCriteriaId": "74A68C7C-DF85-4EB4-85EE-C98646D5C46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p45:*:*:*:*:*:*",
"matchCriteriaId": "57876C43-071C-46FE-9A40-779F95DDCA93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p55:*:*:*:*:*:*",
"matchCriteriaId": "30503A37-B4CB-45FF-81E6-9967BEEB1A5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p58:*:*:*:*:*:*",
"matchCriteriaId": "C44ABAF5-2B4C-4C44-8BF5-4F15E35BAD84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p58s1:*:*:*:*:*:*",
"matchCriteriaId": "CDBC02C3-09AF-4AD7-B1D6-D4C82DFD7BAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p65:*:*:*:*:*:*",
"matchCriteriaId": "A12609EA-15AD-4215-9662-A93906593DB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p71:*:*:*:*:*:*",
"matchCriteriaId": "A34C4419-C0AB-4A10-A5A3-E9DCD1A69B6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.1.2:r60p82:*:*:*:*:*:*",
"matchCriteriaId": "234EE25D-AEAF-4D3F-B1B8-BEDFBB93CA61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r10:*:*:*:*:*:*",
"matchCriteriaId": "D29250D9-4635-4BBB-9D1C-289C7ADFEAE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r25:*:*:*:*:*:*",
"matchCriteriaId": "F8BD7D98-B18F-4FB9-B63D-7298033D8F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:ipvpn_firmware:10.2.2:r38:*:*:*:*:*:*",
"matchCriteriaId": "4BFBA83C-C03A-4C5E-ACBC-8BEC41B901F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fatpipeinc:ipvpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CAF1D0-9EC6-4959-973C-6C37E3B2E6E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:5.2.0:r34:*:*:*:*:*:*",
"matchCriteriaId": "2779B6CB-CF0B-444A-A658-CB8D550FD147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p26:*:*:*:*:*:*",
"matchCriteriaId": "A8D0375A-3A01-445E-A95C-7E476CD4047E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p45-m:*:*:*:*:*:*",
"matchCriteriaId": "F9B63E36-32CA-4818-8BAC-5862188DFE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:6.1.2:r70p75-m:*:*:*:*:*:*",
"matchCriteriaId": "8495282B-C4C3-44FE-8D6F-00AD59662A24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:7.1.2:r39:*:*:*:*:*:*",
"matchCriteriaId": "5A2CBBCD-5D2E-4349-889A-F3F20ABDC1A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r129:*:*:*:*:*:*",
"matchCriteriaId": "18525C9D-D44D-4E0C-98A1-2389C257FFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r144:*:*:*:*:*:*",
"matchCriteriaId": "C4E22F42-D478-4E30-AD9C-50A4E799940B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r150:*:*:*:*:*:*",
"matchCriteriaId": "AD864580-CF91-412C-A62E-3E7252DF91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r156:*:*:*:*:*:*",
"matchCriteriaId": "A14E5ABD-D2D4-4758-B18B-3CA0323D9518",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p12:*:*:*:*:*:*",
"matchCriteriaId": "C8EB1872-FE49-48EE-AF78-9373780F7D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p16:*:*:*:*:*:*",
"matchCriteriaId": "B11060EA-6755-4FC3-A305-E944861EDDB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p17:*:*:*:*:*:*",
"matchCriteriaId": "A20EF491-1355-4489-A839-69B46C70CC7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p2:*:*:*:*:*:*",
"matchCriteriaId": "E4C0EABF-3D71-4EC9-B400-A4F043745B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p20:*:*:*:*:*:*",
"matchCriteriaId": "D99D631C-1596-4A7F-BF10-E69A1EB35C55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p26:*:*:*:*:*:*",
"matchCriteriaId": "7ECBD142-1C63-4FA1-BF2F-7DEE7730FC15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r161p3:*:*:*:*:*:*",
"matchCriteriaId": "645624F5-234D-4950-9385-7151C47C8621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164:*:*:*:*:*:*",
"matchCriteriaId": "C387783D-8402-46F2-AF87-73E8CD5BE097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164p4:*:*:*:*:*:*",
"matchCriteriaId": "040AF513-BC93-4B5F-A10A-915E4A711C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r164p5:*:*:*:*:*:*",
"matchCriteriaId": "7688DC18-49BE-4F9C-A8B9-A5F84C093D17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r165:*:*:*:*:*:*",
"matchCriteriaId": "AF508B6C-23B7-444E-A9F4-400CA4D85431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r180p2:*:*:*:*:*:*",
"matchCriteriaId": "1E80C09C-42A5-4AD2-9DEA-EB64AED72246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:9.1.2:r185:*:*:*:*:*:*",
"matchCriteriaId": "05E59433-8420-451C-AA76-78AF013F7AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p10:*:*:*:*:*:*",
"matchCriteriaId": "7A480CA1-79C6-43C3-B142-BD30FE00EA95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p13:*:*:*:*:*:*",
"matchCriteriaId": "36582BDF-9829-495C-A027-9F0F1DE78093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p32:*:*:*:*:*:*",
"matchCriteriaId": "66D454E0-7E23-494C-BBCB-D56FF3FAD754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p35:*:*:*:*:*:*",
"matchCriteriaId": "2B577293-9B56-44A5-A91C-8B2D885B0B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p45:*:*:*:*:*:*",
"matchCriteriaId": "76EC4FBC-48B9-46A7-93D6-F6812A25CC1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p55:*:*:*:*:*:*",
"matchCriteriaId": "143AAD4E-163B-4D30-9A5B-2ED6A48681C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p58:*:*:*:*:*:*",
"matchCriteriaId": "1820F183-B5D5-4828-93D7-CEC6B7FE0176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p58s1:*:*:*:*:*:*",
"matchCriteriaId": "F8D59DA4-8DF8-46D2-A77C-7785BD253168",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p65:*:*:*:*:*:*",
"matchCriteriaId": "1D7E2B2B-798F-4A39-BA9E-FAD53AC561D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p71:*:*:*:*:*:*",
"matchCriteriaId": "B418905D-675D-4E3D-840F-45F2C3FF1855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.1.2:r60p82:*:*:*:*:*:*",
"matchCriteriaId": "BB2984C2-9C12-4926-BF31-AE064AAE9F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r10:*:*:*:*:*:*",
"matchCriteriaId": "2F614A03-CAF0-43EB-BAF4-E0A9EA1CF522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r25:*:*:*:*:*:*",
"matchCriteriaId": "8068BA02-8996-436D-B9DF-373AECF61A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:warp_firmware:10.2.2:r38:*:*:*:*:*:*",
"matchCriteriaId": "C56FE165-AFA7-4E47-9BB3-3326086D5C45",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fatpipeinc:warp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F56A62D9-6FE7-4062-9D83-75BFE14A0E83",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:5.2.0:r34:*:*:*:*:*:*",
"matchCriteriaId": "6CC854BA-4F7B-482F-B13F-B16E99C00ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p26:*:*:*:*:*:*",
"matchCriteriaId": "B0F4857C-0262-4D50-A209-B731CE4DE4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p45-m:*:*:*:*:*:*",
"matchCriteriaId": "00BDFE07-2443-4B79-A9CB-F3F03A0AA313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:6.1.2:r70p75-m:*:*:*:*:*:*",
"matchCriteriaId": "CD497063-FA78-4AAC-807F-C03771781D15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:7.1.2:r39:*:*:*:*:*:*",
"matchCriteriaId": "2D5E161C-B6B6-40E8-B0E8-AEB72998119E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r129:*:*:*:*:*:*",
"matchCriteriaId": "2EA6CD57-2FC4-4D38-B3BC-2BE458672BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r144:*:*:*:*:*:*",
"matchCriteriaId": "5D6D61B6-78CF-47A5-B18D-394803F768B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r150:*:*:*:*:*:*",
"matchCriteriaId": "8FAB00D7-319D-4628-819E-608A4392E901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r156:*:*:*:*:*:*",
"matchCriteriaId": "58B8C748-C873-4611-9D25-FF73439F6559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p12:*:*:*:*:*:*",
"matchCriteriaId": "0FBE83D2-96E7-489E-A7A1-D02193D022A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p16:*:*:*:*:*:*",
"matchCriteriaId": "532021A2-9D2C-4365-AA76-8B9F1E3401D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p17:*:*:*:*:*:*",
"matchCriteriaId": "561F487C-3FCE-4F68-ADEF-61A807E18A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p2:*:*:*:*:*:*",
"matchCriteriaId": "44135F5A-96DC-471E-9A7C-48EA124E5DBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p20:*:*:*:*:*:*",
"matchCriteriaId": "34A8EC2F-BB91-448E-B21C-2D7822CA04F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p26:*:*:*:*:*:*",
"matchCriteriaId": "20810603-1A08-4AEE-A6C5-EFEDB3C923BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r161p3:*:*:*:*:*:*",
"matchCriteriaId": "37C5C6DC-5FBA-4D8D-ADEF-F8DB232001C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164:*:*:*:*:*:*",
"matchCriteriaId": "12B67BB1-3943-4F30-8470-FF3E446F5E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164p4:*:*:*:*:*:*",
"matchCriteriaId": "72F686C1-E970-41CF-A5F6-842E0B15D85E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r164p5:*:*:*:*:*:*",
"matchCriteriaId": "19E99ECD-6D6C-4290-9D41-47CFA9373B41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r165:*:*:*:*:*:*",
"matchCriteriaId": "D9D58BE6-BE5C-48A2-AE61-FFC0612AEFB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r180p2:*:*:*:*:*:*",
"matchCriteriaId": "072EF984-3F4F-44ED-BFE4-78E063B474BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:9.1.2:r185:*:*:*:*:*:*",
"matchCriteriaId": "DAD39775-38AC-439A-96F4-7DAD9A2E1537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p10:*:*:*:*:*:*",
"matchCriteriaId": "AC62B752-36D4-4F2F-ACA0-4D693FC6315C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p13:*:*:*:*:*:*",
"matchCriteriaId": "239431AD-427E-40C9-9DEA-F4B2B8734529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p32:*:*:*:*:*:*",
"matchCriteriaId": "40E8F365-0C9D-473F-A5F6-E05872B3A925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p35:*:*:*:*:*:*",
"matchCriteriaId": "597A3F8A-1538-4B71-8D4D-2966F49E023B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p45:*:*:*:*:*:*",
"matchCriteriaId": "F2991483-7274-4FA9-AA96-7BD0C2715FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p55:*:*:*:*:*:*",
"matchCriteriaId": "23CA58A4-64A3-47B7-A4A0-8A6D9513A16C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p58:*:*:*:*:*:*",
"matchCriteriaId": "22A27D18-8022-4B5C-9314-A087674C14A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p58s1:*:*:*:*:*:*",
"matchCriteriaId": "C11B36AB-043E-4DE8-AFCC-92E3092C0E26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p65:*:*:*:*:*:*",
"matchCriteriaId": "39FEF22E-F568-40E6-8BBF-D52600DE082D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p71:*:*:*:*:*:*",
"matchCriteriaId": "1D9DF278-ECE1-4530-BCE4-95266340BE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.1.2:r60p82:*:*:*:*:*:*",
"matchCriteriaId": "11649A08-A14B-46C8-97DB-9EB5FB7BF25B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r10:*:*:*:*:*:*",
"matchCriteriaId": "D23782A1-EA7E-4B22-8943-F69510673CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r25:*:*:*:*:*:*",
"matchCriteriaId": "F7B5F773-EC27-475A-ADE3-E4A33D1DFA64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fatpipeinc:mpvpn_firmware:10.2.2:r38:*:*:*:*:*:*",
"matchCriteriaId": "60D7B24F-0075-4362-9F07-A0C55F07FA9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:fatpipeinc:mpvpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11AA0180-8172-4021-AADF-7BAB1CA1BA96",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p92 and 10.2.2r44p1 allows a remote, unauthenticated attacker to upload a file to any location on the filesystem. The FatPipe advisory identifier for this vulnerability is FPSA006."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web del software FatPipe WARP, IPVPN y MPVPN anterior a las versiones 10.1.2r60p92 y 10.2.2r44p1 permite a un atacante remoto no autentificado cargar un archivo en cualquier ubicaci\u00f3n del sistema de archivos. El identificador del aviso de FatPipe para esta vulnerabilidad es FPSA006"
}
],
"id": "CVE-2021-27860",
"lastModified": "2025-10-24T14:13:36.940",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "cret@cert.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-12-08T17:15:10.800",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fatpipeinc.com/support/cve-list.php"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.ic3.gov/Media/News/2021/211117-2.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fatpipeinc.com/support/cve-list.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.ic3.gov/Media/News/2021/211117-2.pdf"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-27860"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…