CVE-2021-47747
Unknown Unknown - Not Provided
Authenticated Remote Code Execution in meterN 1.2.3 Admin Scripts

Publication date: 2025-12-31

Last updated on: 2025-12-31

Assigner: VulnCheck

Description
meterN 1.2.3 contains an authenticated remote code execution vulnerability in admin_meter2.php and admin_indicator2.php scripts. Attackers can exploit the 'COMMANDx' and 'LIVECOMMANDx' POST parameters to execute arbitrary system commands with administrative privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-31
Last Modified
2025-12-31
Generated
2026-06-16
AI Q&A
2025-12-31
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47747
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
apache http_server 2.4.46
jean-marc_louviaux metern 1.2.3
php php 7.2.33
jean-marc_louviaux metern 0.8.3.2
apache http_server 2.4.10
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an authenticated remote code execution (RCE) flaw in meterN versions 1.2.3 and 0.8.3.2. It exists in the admin_meter2.php and admin_indicator2.php scripts, where the application accepts POST parameters 'COMMANDx' and 'LIVECOMMANDx'. These parameters are sanitized using PHP's htmlspecialchars function but are then directly passed to the exec() function without proper validation, allowing an attacker with administrative privileges to execute arbitrary operating system commands remotely. The vulnerability can also be exploited via Cross-Site Request Forgery (CSRF), where an authenticated administrator visiting a malicious website could unknowingly execute arbitrary commands on the server. [1, 3, 4]

Impact Analysis

This vulnerability allows an attacker with administrative access to execute arbitrary system commands on the affected meterN server remotely. This can lead to full compromise of the system, including unauthorized data access, modification, deletion, or disruption of services. Additionally, because the vulnerability can be exploited via CSRF, an attacker could trick an authenticated administrator into executing malicious commands without their knowledge, increasing the risk of system takeover or data breach. [1, 3, 4]

Detection Guidance

This vulnerability can be detected by monitoring HTTP POST requests to the admin_meter2.php and admin_indicator2.php scripts that include the parameters 'COMMANDx' or 'LIVECOMMANDx'. Suspicious or unexpected POST requests containing these parameters may indicate exploitation attempts. Additionally, reviewing server logs for exec() calls triggered by these parameters can help detect exploitation. A practical detection method is to use tools like curl or wget to simulate POST requests with these parameters to test if the system executes commands. For example, a command to test might be: curl -X POST -d 'COMMANDx=whoami' http://<target>/admin_meter2.php and observe if the response contains the output of the command. Monitoring for unusual command execution or unexpected administrative commands in logs is also recommended. [1, 3]

Mitigation Strategies

Immediate mitigation steps include upgrading meterN to version 1.2.4.1 or later, where the vulnerability has been fixed. If upgrading is not immediately possible, restrict access to the admin_meter2.php and admin_indicator2.php scripts to trusted administrators only, ideally via network-level controls such as firewalls or VPNs. Disable or restrict the use of the 'COMMANDx' and 'LIVECOMMANDx' POST parameters if possible. Additionally, implement CSRF protections to prevent exploitation via malicious websites. Monitoring and logging administrative command executions can help detect exploitation attempts. Applying these mitigations reduces the risk until a full patch can be applied. [3, 4]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47747. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart