← back
CVE-2021-42071

CVE-2021-42071

EPSS 69.9%
In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharacters in the cgi-bin/slogin/login.py User-Agent HTTP header.
Affected products
n/a · n/a
public PoCs found2
githubgithub.com/adubaldo/CVE-2021-420710cve_referencewww.exploit-db.com/exploits/50098unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://visual-tools.com/https://www.exploit-db.com/exploits/50098https://www.swascan.com/security-advisory-visual-tools-dvr-cve-2021-42071/