CVE-2021-46422

EPSS 94.8%

Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a remote attacker to execute OS commands without any authentication.

Produtos afetados

n/a · n/a

PoCs públicas encontradas — 17

githubgithub.com/Chocapikk/CVE-2021-46422★ 3 githubgithub.com/Awei507/CVE-RCE★ 3 githubgithub.com/yyqxi/CVE-2021-46422★ 2 githubgithub.com/polerstar/CVE-2021-46422-poc★ 1 githubgithub.com/kailing0220/CVE-2021-46422★ 1 githubgithub.com/nobodyatall648/CVE-2021-46422★ 1 githubgithub.com/xanszZZ/SDT_CW3B1_rce★ 1 githubgithub.com/latings/CVE-2021-46422★ 1 githubgithub.com/kelemaoya/CVE-2021-46422★ 0 githubgithub.com/twoning/CVE-2021-46422_PoC★ 0 githubgithub.com/CJ-0107/cve-2021-46422★ 0 githubgithub.com/yigexioabai/CVE-2021-46422_RCE★ 0 githubgithub.com/ZAxyr/CVE-2021-46422★ 0 exploitdbwww.exploit-db.com/exploits/50948não verificado cve_referencepacketstormsecurity.com/files/167387/Telesquare-SDT-CW3B1-1.1.0-Command-Injection.htmlnão verificado exploitdbwww.exploit-db.com/exploits/50936não verificado cve_referencepacketstormsecurity.com/files/167201/SDT-CW3B1-1.1.0-Command-Injection.htmlnão verificado

⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://packetstormsecurity.com/files/167201/SDT-CW3B1-1.1.0-Command-Injection.html http://packetstormsecurity.com/files/167387/Telesquare-SDT-CW3B1-1.1.0-Command-Injection.html https://drive.google.com/drive/folders/1YJlVlb4SlTEGONzIjiMwd2P7ucP_Pm7T?usp=sharing