CVE-2021-37913

Beschreibung:
The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in.

CWE: CWE-78

CVSS-Bewertung
CVSS 2: – (Version: )
CVSS 3: CRITICAL – 9.8 (Version: 3.1)

Links:

NVD – CVE-2021-37913
CVE – CVE-2021-37913

Link (max. 20) Quelle Tags
N/A CONFIRM
https://github.com/openssh/openssh-portable/pull/270 MISC
https://rushter.com/blog/public-ssh-keys/ MISC
https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak MISC

Quelle: NVD – CVE-2021-37913
Datum Veröffentlichung: 2021-09-15T19:15Z, Datum letzte Änderung: 2021-09-15T20:20Z