CVE-2021-38702 Scanner

Cyberoam NetGenie C0101B1 is a device used to safeguard home and small office networks. It is primarily designed for providing internet security to users at an affordable price. This tool offers several built-in features, like firewall, parental control, web filtering and VPN connectivity, to ensure secure connections between devices and the internet. The Cyberoam NetGenie devices are perfect for those needing basic internet security measures for their home or small business.

However, there is a significant flaw with this product. The vulnerability code CVE-2021-38702, has been detected in the Cyberoam NetGenie C0101B1-20141120-NG11VO devices even up to August 14, 2021. This vulnerability allows for attacks involving Cross Site Scripting (XSS) against a specific web page, tweb/ft.php?u= [XSS], which can be easily exploited.

When exploited, the CVE-2021-38702 vulnerability in Cyberoam NetGenie C0101B1-20141120-NG11VO devices can lead to the injection of arbitrary web script code into a victim's browser, thereby giving access to their internet activity to the attacker. With this vulnerability, attackers can steal sensitive data from a victim, such as passwords, credit card numbers, or other confidential information. This flaw in the device puts users' privacy and security at risk.

With the pro features of the securityforeveryone.com platform, users can quickly and easily stay up-to-date with vulnerabilities in their digital assets. By utilizing this service, users can address vulnerabilities as soon as they are discovered, ensuring the protection of their personal data and privacy. With comprehensive vulnerability scans of networks and devices, securityforeveryone.com provides a holistic approach to internet security, with the ability to cover a wide range of exploitable areas and offer suggested solutions. 

REFERENCES

• http://packetstormsecurity.com/files/163859/Cyberoam-NetGenie-Cross-Site-Scripting.html
• http://seclists.org/fulldisclosure/2021/Aug/20
• http://www.cyberoamworks.com/NetGenie-Home.asp
• https://seclists.org/fulldisclosure/2021/Aug/20