CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-21805

An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request to trigger this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.927

EPSS Ranking 99.7%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1274
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1274

Products affected by CVE-2021-21805

Advantech » R-Seenet » Version: 2.4.12

cpe:2.3:a:advantech:r-seenet:2.4.12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-21805

Products

Pricing

Contact Us