CVE-2021-40222

Rittal CMC PU III Web management Version affected: V3.11.00_2. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitize user input on Network TCP/IP configuration page. This allows the attacker to inject commands as root on the device which will be executed once the data is received.
References
Link Resource
https://github.com/asang17/CVE-2021-RCE Exploit Third Party Advisory
Configurations

Configuration 1


Information

Published : 2021-09-09 12:15

Updated : 2021-09-22 01:23


NVD link : CVE-2021-40222

Mitre link : CVE-2021-40222

Products Affected
No products.
CWE