CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-38306

Network Attached Storage on LG N1T1*** 10124 devices allows an unauthenticated attacker to gain root access via OS command injection in the en/ajp/plugins/access.ssh/checkInstall.php destServer parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.316

EPSS Ranking 96.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://www.lg.com/uk/support/product/lg-N1T1DD1
https://www.lg.com/us/burners-drives/lg-N1T1-network-attached-storage
https://zerosecuritypenetrationtesting.com/?page_id=306
https://www.lg.com/uk/support/product/lg-N1T1DD1
https://www.lg.com/us/burners-drives/lg-N1T1-network-attached-storage
https://zerosecuritypenetrationtesting.com/?page_id=306

Products affected by CVE-2021-38306

Lg » N1t1 » Version: N/A

cpe:2.3:h:lg:n1t1:-
Lg » N1t1dd1 » Version: N/A

cpe:2.3:h:lg:n1t1dd1:-
Lg » N1t1 Firmware » Version: N/A

cpe:2.3:o:lg:n1t1_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-38306

Products

Pricing

Contact Us