CVE-2021-47799
BaseFortify
Publication date: 2026-01-15
Last updated on: 2026-01-15
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| visual_tools | dvr_vx16 | 4.2.28 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Visual Tools DVR VX16 version 4.2.28 due to an unsafe sudo configuration. It allows a local attacker to escalate their privileges to root by exploiting the sudo settings with mount commands. Specifically, an attacker can execute a command that binds a shell to a mount point, gaining unauthorized root access on the system. [1]
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker with local access to gain root privileges on the affected DVR device. This means the attacker can execute any command with full system privileges, potentially compromising the entire system, accessing sensitive data, or disrupting device functionality. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the unsafe sudo configuration that allows mounting a shell. Specifically, you can test if the command `sudo mount -o bind /bin/sh /bin/mount` executes successfully, which indicates the system is vulnerable. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include reviewing and correcting the sudo configuration to prevent the use of mount commands with unsafe options, especially disallowing the bind mount of shells. Restrict sudo privileges to trusted users and remove or limit the ability to run mount commands via sudo. [1]