CVE-2021-40661: Directory Traversal in IND780 Advanced Weighing Terminals (web interface)
A remote, unauthenticated directory traversal vulnerability was identified within the web interface used by IND780 Advanced Weighing Terminals Build 8.0.07, March 19, 2018 (SS Label 'IND780_8.0.07') and Version 7.2.10, June 18, 2012 (SS Label 'IND780_7.2.10'). It was possible to traverse the folders of the affected host by providing a traversal path to the 'webpage' parameter in AutoCE.ini. This could allow a remote, unauthenticated adversary to access additional files on the affected system. It could also allow the adversary to perform further enumeration against the affected host to identify the versions of the systems in use, in order to launch further attacks.
AI Analysis
Technical Summary
CVE-2021-40661 is a remote, unauthenticated directory traversal vulnerability affecting the web interface of IND780 Advanced Weighing Terminals, specifically versions labeled IND780_8.0.07 (Build March 19, 2018) and IND780_7.2.10 (Build June 18, 2012). The vulnerability arises from improper validation of the 'webpage' parameter in the AutoCE.ini configuration file, which allows an attacker to supply directory traversal sequences (e.g., '../') to access files outside the intended web directory. This flaw enables an unauthenticated remote adversary to enumerate and read arbitrary files on the affected device's filesystem. Such unauthorized file access can reveal sensitive information including configuration files, system version details, or other data that could facilitate further targeted attacks. The vulnerability is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) and has a CVSS v3.1 base score of 7.5 (high severity), reflecting its ease of exploitation (network attack vector, no privileges or user interaction required) and significant confidentiality impact. Although no known exploits have been reported in the wild, the vulnerability poses a substantial risk due to the critical nature of the affected devices, which are industrial weighing terminals often used in logistics, manufacturing, and supply chain environments. The lack of authentication requirement and the ability to remotely access sensitive files make this a serious security concern that could lead to information disclosure and enable subsequent attacks against the affected systems or networks.
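The following is an added illustration, not code from the IND780 firmware or from the advisory: a generic CWE-22 file lookup of the kind the analysis describes, with a hardened version beside it. The handler names, the web-root layout and the file contents are assumptions constructed for the demonstration; nothing here reproduces the actual IND780 request handling.

```python
# Added example (not code from the IND780 firmware or the advisory):
# a naive CWE-22 lookup that trusts a caller-supplied 'webpage' value,
# next to a hardened lookup that canonicalises the path and enforces
# containment in the web root. Names and layout are assumptions.
import os
import tempfile
from urllib.parse import unquote


def vulnerable_resolve(web_root: str, webpage: str) -> str:
    """Naive lookup: joins the caller-supplied value onto the web root with
    no containment check, so '../' segments walk out of the directory."""
    return os.path.join(web_root, unquote(webpage))


def hardened_resolve(web_root: str, webpage: str) -> str:
    """Decode once, reject NUL bytes and absolute paths, canonicalise with
    realpath (collapses '..' and follows symlinks) and refuse any result
    that is not inside the web root."""
    decoded = unquote(webpage)
    if "\x00" in decoded or os.path.isabs(decoded):
        raise ValueError("rejected webpage value: %r" % webpage)
    root = os.path.realpath(web_root)
    candidate = os.path.realpath(os.path.join(root, decoded))
    # commonpath avoids the prefix trap where '/www_evil' would pass a
    # plain startswith('/www') check
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError("path escapes web root: %r" % webpage)
    return candidate


def build_demo_tree():
    """Constructed layout: <tmp>/www/index.htm (inside the web root) and
    <tmp>/secret.ini (outside it). Returns (base, web_root)."""
    base = tempfile.mkdtemp()
    web_root = os.path.join(base, "www")
    os.mkdir(web_root)
    with open(os.path.join(web_root, "index.htm"), "w") as f:
        f.write("<html>index</html>")
    with open(os.path.join(base, "secret.ini"), "w") as f:
        f.write("[demo]\nsecret=1\n")
    return base, web_root


def demo() -> dict:
    """Run both resolvers against a benign and a traversal 'webpage' value."""
    _, web_root = build_demo_tree()
    traversal = "..%2Fsecret.ini"  # percent-encoded '../secret.ini'
    results = {}
    # the naive lookup happily points at a file outside the web root
    results["vulnerable_reads_outside"] = os.path.exists(
        vulnerable_resolve(web_root, traversal))
    # the hardened lookup still serves legitimate pages
    results["hardened_serves_index"] = os.path.basename(
        hardened_resolve(web_root, "index.htm")) == "index.htm"
    # and refuses the traversal value
    try:
        hardened_resolve(web_root, traversal)
        results["hardened_blocks_traversal"] = False
    except ValueError:
        results["hardened_blocks_traversal"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

The containment check is done after canonicalisation rather than by filtering `../` substrings, because encoded, doubled or backslash-separated variants slip past string filters while `realpath` plus `commonpath` judges the path the filesystem will actually open.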
Potential Impact
For European organizations utilizing IND780 Advanced Weighing Terminals, this vulnerability could lead to unauthorized disclosure of sensitive operational data and system information. Such data leakage may compromise confidentiality of business processes, inventory data, or proprietary configurations. Attackers could leverage the information obtained to identify system versions and weaknesses, facilitating further exploitation such as targeted malware deployment or disruption of weighing operations. Given the critical role these terminals play in supply chain and manufacturing workflows, exploitation could indirectly affect operational integrity and business continuity. Additionally, unauthorized access to device files might expose credentials or network configuration details, increasing the risk of lateral movement within corporate networks. The impact is particularly relevant for industries with stringent regulatory requirements around data protection and operational security, such as pharmaceuticals, food production, and logistics sectors prevalent in Europe.
Mitigation Recommendations
To mitigate this vulnerability, organizations should first verify whether their IND780 Advanced Weighing Terminals are running the affected firmware versions (IND780_8.0.07 or IND780_7.2.10). Since no official patches or updates are referenced, immediate mitigation consists of restricting network access to the web interface of these devices through network segmentation and firewall rules that limit exposure to trusted management networks only. Employing VPNs or secure tunnels for remote access further reduces risk. Monitoring and logging of access to the devices' web interfaces should be enhanced to detect traversal attempts; because the request is unauthenticated, the source address, the decoded value of the 'webpage' parameter and the HTTP status code are the main signals available. If possible, disable or restrict the use of the 'webpage' parameter or any web interface feature that accepts user input for file paths. The vendor should be contacted to inquire about firmware updates or patches addressing this vulnerability. Additionally, organizations should conduct regular security assessments of industrial control systems and apply compensating controls, such as intrusion detection systems tailored for industrial environments, to detect exploitation attempts.
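As an added example of the monitoring step above (not from the advisory or the vendor), the detector below scans web-server access logs for traversal sequences aimed at a 'webpage' parameter. It assumes the parameter arrives in the query string and that the logs are in Common Log Format; both are assumptions, since the advisory does not state how the parameter is delivered, and the log lines are constructed for the demonstration.

```python
# Added example, not from the advisory or the vendor: a detector for
# traversal attempts against a 'webpage' query parameter in access logs.
# Assumes Common Log Format and a query-string parameter; the sample
# lines are constructed, not real IND780 logs.
import re
from urllib.parse import urlsplit, unquote

# Constructed sample lines (Common Log Format). Line 2 is single-encoded,
# line 3 double-encoded, line 5 uses backslash separators.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Sep/2021:10:00:01 +0000] "GET /?webpage=index.htm HTTP/1.1" 200 512
10.0.0.9 - - [01/Sep/2021:10:00:02 +0000] "GET /?webpage=..%2F..%2Fconfig.ini HTTP/1.1" 200 1024
10.0.0.9 - - [01/Sep/2021:10:00:03 +0000] "GET /?webpage=%252e%252e%2F%252e%252e%2Fconfig.ini HTTP/1.1" 200 300
10.0.0.7 - - [01/Sep/2021:10:00:04 +0000] "GET /?webpage=reports%2Fdaily.htm HTTP/1.1" 200 900
10.0.0.9 - - [01/Sep/2021:10:00:05 +0000] "GET /?webpage=..\\..\\config.ini HTTP/1.1" 404 0
"""

CLF_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+$')

# a '..' segment bounded by separators (or string ends)
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')

WATCHED_PARAM = "webpage"  # assumed parameter name, taken from the advisory


def fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly (bounded) so double-encoded '%252e' is
    seen as '.' the same way a lenient server might see it."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(raw_value: str) -> bool:
    """True when the decoded parameter contains a '..' path segment,
    with backslashes normalised to forward slashes first."""
    decoded = fully_decode(raw_value).replace("\\", "/")
    return bool(TRAVERSAL_RE.search(decoded))


def scan(log_text: str) -> list:
    """Return one alert dict per request whose WATCHED_PARAM value
    contains a traversal segment. Status is kept so that 200 responses
    (likely successful reads) can be triaged ahead of 404s."""
    alerts = []
    for line in log_text.splitlines():
        m = CLF_RE.match(line)
        if not m:
            continue  # not CLF; skip rather than guess
        query = urlsplit(m["target"]).query
        for pair in query.split("&"):
            name, _, raw = pair.partition("=")
            if name != WATCHED_PARAM or not is_traversal(raw):
                continue
            alerts.append({
                "ip": m["ip"],
                "ts": m["ts"],
                "status": int(m["status"]),
                "raw": raw,
                "decoded": fully_decode(raw).replace("\\", "/"),
            })
    return alerts


if __name__ == "__main__":
    for a in scan(SAMPLE_LOG):
        print("%(ip)s %(status)s %(decoded)s (raw: %(raw)s)" % a)
```

The raw query string is split by hand instead of with `parse_qsl` so the original encoding survives into the alert; seeing `%252e` in the record tells an analyst the attacker was probing for decode-twice behaviour. Alerts with a 200 status and a non-trivial response size are the ones to treat as probable disclosure.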
Affected Countries
Germany, France, Italy, Spain, Netherlands, Belgium, Poland, Czech Republic, Sweden, United Kingdom
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2021-09-07T00:00:00.000Z
- CISA Enriched: true
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 682d981bc4522896dcbd9acc
Added to database: 5/21/2025, 9:08:43 AM
Last enriched: 7/5/2025, 2:43:30 PM
Last updated: 7/28/2025, 8:06:00 AM
Related Threats
- CVE-2025-8671: CWE-404 Improper Resource Shutdown or Release in IETF HTTP Working Group HTTP/2 (High)
- CVE-2025-48989: CWE-404 Improper Resource Shutdown or Release in Apache Software Foundation Apache Tomcat (High)
- CVE-2025-55280: CWE-312 Cleartext Storage of Sensitive Information in ZKTeco Co WL20 Biometric Attendance System (Medium)
- CVE-2025-55279: CWE-798 Use of Hard-coded Credentials in ZKTeco Co WL20 Biometric Attendance System (Medium)
- CVE-2025-54465: CWE-798 Use of Hard-coded Credentials in ZKTeco Co WL20 Biometric Attendance System (Medium)