CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-33841

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0180%
EPSS Percentile16.96th
Published2021年6月9日
Last Modified2024年11月21日

Vulnerability Description

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.

Affected Platforms (CPE)

💻
Circutor

Sge Plc1000 Firmware

= 0.9.2b

References & Advisories

🔗 https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection
🔗 https://www.incibe.es/en/incibe-cert/notices/aviso-sci/circutor-sge-plc1000-os-command-injection

相关漏洞威胁

CVE-2021-338428.8

Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker t...

CVE-2021-138810.0

A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could a...

CVE-2021-4422810.0

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration...

CVE-2021-2132110.0

fastify-reply-from is an npm package which is a fastify plugin to forward the current http request to another server. In fastify-r...