CyberSec.Space Logo
Back to CVE Browser

CVE-2021-43936

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1080%
EPSS Percentile28.47th
PublishedDec 6, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

The software allows the attacker to upload or transfer files of dangerous types to the WebHMI portal, that may be automatically processed within the product's environment or lead to arbitrary code execution.

Affected Platforms (CPE)

πŸ’»
Webhmi

Webhmi Firmware

< 4.1

References & Advisories

πŸ”— http://packetstormsecurity.com/files/165252/WebHMI-4.0-Remote-Code-Execution.html
πŸ”— https://us-cert.cisa.gov/ics/advisories/icsa-21-336-03
πŸ”— http://packetstormsecurity.com/files/165252/WebHMI-4.0-Remote-Code-Execution.html
πŸ”— https://us-cert.cisa.gov/ics/advisories/icsa-21-336-03

Related Vulnerabilities

CVE-2021-3916710.0

OpenZepplin is a library for smart contract development. In affected versions a vulnerability in TimelockController allowed an act...

CVE-2021-3916810.0

OpenZepplin is a library for smart contract development. In affected versions a vulnerability in TimelockController allowed an act...

CVE-2021-3388510.0

An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthen...

CVE-2021-3919910.0

remark-html is an open source nodejs library which compiles Markdown to HTML. In affected versions the documentation of remark-htm...