CVE-2021-33841

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0180%

EPSS Percentile16.96th

PublishedJun 9, 2021

Last ModifiedNov 21, 2024

Vulnerability Description

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.

Affected Platforms (CPE)

💻

Circutor

Sge Plc1000 Firmware

= 0.9.2b

References & Advisories

🔗 https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection

Related Vulnerabilities

CVE-2021-338428.8

Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker t...

CVE-2021-4155610.0

sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to ...

CVE-2021-138810.0

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could a...

CVE-2021-231710.0

Vulnerability in the Oracle Cloud Infrastructure Storage Gateway product of Oracle Storage Gateway (component: Management Console)...