CVE-2021-47706
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-09
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| commax | biometric_access_control_system | 1.0.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-565 | The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
This vulnerability in COMMAX Biometric Access Control System 1.0.0 allows unauthenticated attackers to bypass authentication by exploiting cookie poisoning. Attackers can forge cookies to gain unauthorized access to sensitive information and circumvent physical security controls in smart homes and buildings.
How can this vulnerability impact me? :
The vulnerability can allow attackers to access sensitive information without authentication and bypass physical security controls, potentially compromising the security of smart homes and buildings.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unauthorized or forged cookies such as CMX_SAVED_ID, CMX_ADMIN_ID, CMX_ADMIN_NM, CMX_ADMIN_LV, CMX_COMPLEX_NM, and CMX_COMPLEX_IP being sent to the COMMAX Biometric Access Control System. One way to test is by sending crafted HTTP GET requests to endpoints like /db_dump.php and observing if sensitive information such as SQL backups is disclosed without proper authentication. For example, using curl to send a request with forged cookies: curl -v --cookie "CMX_ADMIN_ID=forged_value; CMX_ADMIN_LV=forged_value" http://<device_ip>/db_dump.php and checking the response for unauthorized data disclosure. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting network access to the COMMAX Biometric Access Control System devices to trusted users only, implementing network-level controls such as firewalls or VPNs to limit exposure, and monitoring for suspicious cookie activity. Since the vendor has not responded to disclosures, applying any available firmware updates or patches from COMMAX is recommended if released. Additionally, consider disabling remote access features until a fix is available and reviewing logs for signs of exploitation. [2, 4]