SecuriTricks - CVE-2021-4471

Description

TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously logged-in users. A remote unauthenticated attacker can enumerate and download files within the directory to obtain valid account usernames and passwords, leading to loss of confidentiality and further unauthorized access.

Product(s) Impacted

Product	Versions
firewall	*

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-538

Insertion of Sensitive Information into Externally-Accessible File or Directory

The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information.

References

https://ssd-disclosure.com/ssd-advisory-tg8-firewall-preauth-rce-and-password-disclosure/

https://web.archive.org/web/20211024224240/http://www.tg8security.com/

https://www.vulncheck.com/advisories/tg8-firewall-unauthenticated-user-password-disclosure

https://ssd-disclosure.com/ssd-advisory-tg8-firewall-preauth-rce-and-password-disclosure/

CVSS Score

8.7 / 10

CVSS Data - 4.0

Attack Vector: NETWORK
Attack Complexity: LOW
Attack Requirements: NONE
Privileges Required: NONE
User Interaction: NONE
Scope:
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE
Exploit Maturity: NOT_DEFINED

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

View Vector String

Timeline

Published: Nov. 14, 2025, 11:15 p.m.
Last Modified: Nov. 18, 2025, 2:06 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

disclosure@vulncheck.com

CVE-2021-4471