Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown

CVE-2021-38485

Disclosure Date: October 05, 2021 (last updated February 23, 2025)
The affected product is vulnerable to improper input validation in the restore file. This enables an attacker to provide malicious config files to replace any file on disk.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-42538

Disclosure Date: October 05, 2021 (last updated February 23, 2025)
The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-42542

Disclosure Date: October 05, 2021 (last updated February 23, 2025)
The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-42539

Disclosure Date: October 05, 2021 (last updated February 23, 2025)
The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and unapproved settings change.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-42536

Disclosure Date: October 05, 2021 (last updated February 23, 2025)
The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-42540

Disclosure Date: October 05, 2021 (last updated February 23, 2025)
The affected product is vulnerable to a unsanitized extract folder for system configuration. A low-privileged user can leverage this logic to overwrite the settings and other key functionality.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0