Security Vulnerabilities - CVEs Published In August 2021
The @diez/generation npm package is a client for Diez. The locateFont method of @diez/generation has a command injection vulnerability. Clients of the @diez/generation library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. All versions of this package are vulnerable as of the writing of this CVE.
CVSS Score
3.9
EPSS Score
0.002
Published
2021-08-17
In s/qmail through 4.0.07, an active MitM can inject arbitrary plaintext commands into a STARTTLS encrypted session between an SMTP client and s/qmail. This allows e-mail messages and user credentials to be sent to the MitM attacker.
CVSS Score
5.9
EPSS Score
0.005
Published
2021-08-17
The Motorola MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified.
CVSS Score
6.1
EPSS Score
0.0
Published
2021-08-17
A privilege escalation vulnerability was reported in the MM1000 device configuration web server, which could allow privileged shell access and/or arbitrary privileged commands to be executed on the adapter.
CVSS Score
6.8
EPSS Score
0.001
Published
2021-08-17
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow code execution if a specific file exists on the attached SD card. This vulnerability is the same as CNVD-2021-45262.
CVSS Score
6.6
EPSS Score
0.001
Published
2021-08-17
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. This vulnerability is the same as CNVD-2020-68651.
CVSS Score
9.4
EPSS Score
0.003
Published
2021-08-17
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command injection by setting a specially crafted network configuration. This vulnerability is the same as CNVD-2020-68652.
CVSS Score
7.2
EPSS Score
0.013
Published
2021-08-17
A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation.
CVSS Score
7.3
EPSS Score
0.0
Published
2021-08-17
Cross Site Request Forgery (CSRF) vulnerability exists in SeaCMS 10.7 in admin_manager.php, which could let a malicious user add an admin account.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-08-17
ZStack is open source IaaS(infrastructure as a service) software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. Affected versions of ZStack REST API are vulnerable to post-authentication Remote Code Execution (RCE) via bypass of the Groovy shell sandbox. The REST API exposes the GET zstack/v1/batch-queries?script endpoint which is backed up by the BatchQueryAction class. Messages are represented by the APIBatchQueryMsg, dispatched to the QueryFacadeImpl facade and handled by the BatchQuery class. The HTTP request parameter script is mapped to the APIBatchQueryMsg.script property and evaluated as a Groovy script in BatchQuery.query the evaluation of the user-controlled Groovy script is sandboxed by SandboxTransformer which will apply the restrictions defined in the registered (sandbox.register()) GroovyInterceptor. Even though the sandbox heavily restricts the receiver types to a small set of allowed types, the sandbox is non effective at controlling any code placed in Java annotations and therefore vulnerable to meta-programming escapes. This issue leads to post-authenticated remote code execution. For more details see the referenced GHSL-2021-065. This issue is patched in versions 3.8.21, 3.10.8, and 4.1.0.
CVSS Score
9.6
EPSS Score
0.014
Published
2021-08-17