Discover the details of CVE-2021-21382, a high-severity vulnerability in Restund allowing attackers to issue administrative commands via the status interface. Learn about the impact, affected versions, and crucial mitigation strategies.
A vulnerability has been discovered in Restund that allows attackers to reach the status interface and issue administrative commands, potentially exposing sensitive information to unauthorized parties.
Understanding CVE-2021-21382
This CVE identifies an unsafe loopback forwarding interface in Restund, affecting versions prior to 0.4.15.
What is CVE-2021-21382?
Restund, an open-source NAT traversal server, contains a vulnerability that enables attackers to send administrative commands via the status interface, leading to potential exposure of private services.
The Impact of CVE-2021-21382
The vulnerability poses a high risk to the confidentiality of sensitive data, with a base severity rating of HIGH (8.6 CVSS score). It allows unauthorized attackers to interact with administrative functions and potentially compromise the integrity of the system.
Technical Details of CVE-2021-21382
The vulnerability stems from the status interface of Restund listening on 127.0.0.1, enabling attackers to issue administrative commands when opening a TURN channel. Disabling the status module and TURN module, implementing firewall rules, and isolating TURN servers are the recommended mitigation strategies.
Vulnerability Description
The issue arises from the ability to open a relay to the loopback address range, allowing unauthorized interaction with administrative functions.
Affected Systems and Versions
Restund versions prior to 0.4.15 are affected by this vulnerability.
Exploitation Mechanism
Attackers can contact the status interface with administrative commands by setting XOR-PEER-ADDRESS to 127.0.0.1:{{restund_udp_status_port}} when opening a TURN channel.
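The check a hardened TURN relay performs against exactly this path, as an added example that is not Restund's code: it decodes the IPv4 XOR-PEER-ADDRESS attribute value from a ChannelBind or CreatePermission request and refuses peers in loopback, link-local, multicast and private ranges or among the server's own addresses. The denied-network list and the local_addrs set are assumed operator configuration, and the two attribute values are constructed samples.

```python
"""Peer-address policy for a TURN relay (added example, not Restund code)."""
import ipaddress
import struct

STUN_MAGIC_COOKIE = 0x2112A442

# Networks a relay should never forward to: relaying here turns the TURN
# server into a proxy onto its own host (the CVE-2021-21382 case) or its LAN.
# Assumed operator configuration, not a Restund setting.
DENIED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16", "224.0.0.0/4",
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
)]

def decode_xor_peer_address(value: bytes) -> tuple[str, int]:
    """Decode an IPv4 XOR-PEER-ADDRESS attribute value (RFC 5766, section 14.3).

    Wire layout: 1 reserved byte, 1 byte family (0x01 = IPv4), 2-byte X-Port,
    4-byte X-Address; port and address are XORed with the STUN magic cookie.
    """
    if len(value) != 8:
        raise ValueError("expected 8-byte IPv4 XOR-PEER-ADDRESS value")
    _reserved, family, x_port, x_addr = struct.unpack("!BBHI", value)
    if family != 0x01:
        raise ValueError("only IPv4 is handled in this example")
    port = x_port ^ (STUN_MAGIC_COOKIE >> 16)
    ip = str(ipaddress.IPv4Address(x_addr ^ STUN_MAGIC_COOKIE))
    return ip, port

def peer_allowed(ip: str, local_addrs: frozenset[str] = frozenset()) -> bool:
    """False for peers the relay must refuse: denied networks and the
    server's own interface addresses (local_addrs is assumed config)."""
    if ip in local_addrs:
        return False
    addr = ipaddress.ip_address(ip)
    return not any(addr in net for net in DENIED_NETWORKS)

def check_channel_bind(xor_peer_value: bytes, local_addrs=frozenset()):
    """Decide whether a ChannelBind/CreatePermission for this peer may proceed."""
    ip, port = decode_xor_peer_address(xor_peer_value)
    return ip, port, peer_allowed(ip, local_addrs)

# Constructed sample attribute values (not captured traffic).
LOOPBACK_PEER = bytes.fromhex("0001a1fa5e12a443")  # 127.0.0.1:33000, the advisory's target
REMOTE_PEER = bytes.fromhex("00012c84ea12d547")    # 203.0.113.5:3478, an ordinary peer

if __name__ == "__main__":
    for name, value in (("loopback", LOOPBACK_PEER), ("remote", REMOTE_PEER)):
        ip, port, ok = check_channel_bind(value, frozenset({"198.51.100.10"}))
        print(f"{name}: peer {ip}:{port} -> {'allow' if ok else 'refuse'}")
```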
Mitigation and Prevention
To address CVE-2021-21382, immediate steps such as disabling the status and turn modules are crucial. Long-term security practices involve setting up firewall rules on TURN servers and deploying them in an isolated environment.
Immediate Steps to Take
Disable the status and turn modules in the Restund configuration and ensure access control to prevent unauthorized administrative commands.
Long-Term Security Practices
Implement firewall rules on TURN servers to restrict relay activities and deploy them in isolated environments to minimize exposure to unauthorized entities.
Patching and Updates
Update Restund to version 0.4.15 or later to address the vulnerability, and keep it current to maintain system security.