Security Advisory

CVE-2021-41290

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-30 10:40:49

Last updated 2024-09-16 22:25:25

Assigner twcert

State PUBLISHED

Description

ECOA BAS controller suffers from an arbitrary file write and path traversal vulnerability. Using the POST parameters, unauthenticated attackers can remotely set arbitrary values for location and content type and gain the possibility to execute arbitrary code on the affected device.

← Browse all CVEs View on cve.org ↗