CVE-2021-29393

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1080%

EPSS Percentile38.06th

Published2022年2月4日

Last Modified2024年11月21日

Vulnerability Description

Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote unauthenticated users to inject and execute arbitrary system commands via the unsanitized user-controlled "command" and "commandvalues" parameters.

Affected Platforms (CPE)

📦

Globalnorthstar

Northstar Club Management

= 6.3

References & Advisories

🔗 https://ardent-security.com

🔗 https://ardent-security.com/en/advisory/asa-2021-01/