Back to overview

Helmholz: Privilege Escalation in shDialup (Update A)

VDE-2021-057
Last update
05/14/2025 15:00
Published at
03/28/2021 15:03
Vendor(s)
Helmholz GmbH & Co. KG
External ID
VDE-2021-057
CSAF Document
Download

Summary

Multiple Vulnerabilities in a software service of shDIALUP can lead to arbitrary code execution due to improper privilege management.

Update A, 2022-03-28

Updated CVSS score from CVE-2021-33527 from 7.8 to 9.8 due to new information about the vulnerability

Impact

Please consult the CVE entries.

Affected Product(s)

Model no. Product name Affected versions
shDialup Firmware <=3.9R0.0

Vulnerabilities

Expand / Collapse all

Published
09/22/2025 14:57
Severity
9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness
Improper Input Validation (CWE-20)
Summary

In MB connect line mbDIALUP versions <=3.9R0.0 a remote attacker can send a specifically crafted HTTP request to the service running with NT AUTHORITY\SYSTEM that will not correctly validate the input. This can lead to an arbitrary code execution with the privileges of the service.

References
cve.org | nvd.nist.gov

Published
09/22/2025 14:57
Severity
7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness
Improper Privilege Management (CWE-269)
Summary

In MB connect line mbDIALUP versions <=3.9R0.0 a low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM instructing it to execute a malicous OpenVPN configuration resulting in arbitrary code execution with the privileges of the service.

References
cve.org | nvd.nist.gov

Remediation

Update shDialup to 3.9R0.5

Revision History

Version Date Summary
1 03/28/2021 15:03 initial revision
2 05/14/2025 15:00 Fix: added distribution