Security Advisory

CVE-2021-26471

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-08 18:36:14
Last updated 2024-09-16 16:22:33
Assigner mitre
State PUBLISHED

Description

In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands.