GHSA-cxqp-m6r8-mmpg

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

In Ericsson Network Location MPS GMPC21, it is possible to creates a new admin user with a SQL Query for file_name in the export functionality.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2021-43338
https://pentest.com.tr/blog/RCE-via-Meow-Variant-along-with-an-Example-0day-PacketHackingVillage-Defcon29.html
https://www.exploit-db.com/exploits/50469

CVE ID

CVE-2021-43338

Дефекты

CWE-89

Связанные уязвимости

CVE-2021-43338

nvd

больше 4 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43339. Reason: This candidate is a duplicate of CVE-2021-43339. Notes: All CVE users should reference CVE-2021-43339 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

CVE ID

CVE-2021-43338

Дефекты

CWE-89