VYPR
Unrated severity · NVD Advisory · Published Nov 20, 2021 · Updated Sep 17, 2024

CVE-2021-36322

Description

Dell Networking X-Series firmware prior to 3.0.1.8 and VRTX Switch Module firmware prior to 2.0.0.83 allow remote unauthenticated attackers to inject host headers, leading to web cache poisoning or redirection.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

Dell Networking X-Series firmware versions before 3.0.1.8 and Dell PowerEdge VRTX Switch Module firmware versions before 2.0.0.83 are affected by a host header injection vulnerability (CVE-2021-36322). The web application does not properly validate user-controllable Host headers, allowing an attacker to inject arbitrary host header values into requests processed by the management interface [1].

Exploitation

An unauthenticated remote attacker can send a crafted HTTP request with a malicious Host header value to the affected device's web management interface. No prior authentication or special network position is required beyond network access to the management port. The injected header value must be reflected in the device's response, which is what enables cache poisoning or redirection [1].

Impact

Successful exploitation can lead to web cache poisoning, where cached responses built from the injected host value are served to other users, or to HTTP redirection to an attacker-controlled site. This could enable phishing or information disclosure via malicious redirects. The CVSS v3.1 base score is 6.1 (Medium) with vector AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N, indicating required user interaction, a scope change, low confidentiality and integrity impact, and no availability impact [1].

Mitigation

Dell has released firmware version 3.0.1.9 for the Networking X-Series and version 2.0.0.83 for the PowerEdge VRTX Switch Module to address this vulnerability. Users should update to these fixed versions as soon as possible. No workaround is available, and the product is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of this writing [1].

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 2

Patches: 0

No patches discovered yet.

Vulnerability mechanics

No source-code context is available for this CVE. The mechanics section is only generated when we can read the actual fix diff; without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References: 1

News mentions: 0

No linked articles in our index yet.