CVE-2021-21909

Опубликовано: 22 дек. 2021

Источник: nvd

CVSS3: 6

CVSS3: 8.1

CVSS2: 5.5

EPSS Низкий

Описание

Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can provide malicious inputs to trigger this vulnerability

Ссылки

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1359
Exploit
Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1359
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:garrett:ic_module_firmware:5.0:*:*:*:*:*:*:*

cpe:2.3:h:garrett:ic_module:-:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00511

Низкий

6 Medium

CVSS3

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-j687-329v-vcjf

CVSS3: 8.1

github

около 4 лет назад

Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can provide malicious inputs to trigger this vulnerability

EPSS

Процентиль: 66%

0.00511

Низкий

6 Medium

CVSS3

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-22