CVE-2021-42852

CVSS 8 HIGHEPSS 0.8%CWE-78

A command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execute operating system commands by sending a crafted packet to the device.

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Productos afectados

Lenovo · Personal Cloud Storage A1 Lenovo · Personal Cloud Storage T1 Lenovo · Personal Cloud Storage T2 Lenovo · Personal Cloud Storage T2Pro Lenovo · Personal Cloud Storage X1

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://iknow.lenovo.com.cn/detail/dc_200017.html