← back
CVE-2021-43339

CVE-2021-43339

EPSS 9.6%
In Ericsson Network Location before 2021-07-31, it is possible for an authenticated attacker to inject commands via file_name in the export functionality. For example, a new admin user could be created.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/50469unverifiedcve_referencewww.exploit-db.com/exploits/50468unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://pentest.com.tr/blog/RCE-via-Meow-Variant-along-with-an-Example-0day-PacketHackingVillage-Defcon29.htmlhttps://www.exploit-db.com/exploits/50468https://www.exploit-db.com/exploits/50469