Security Advisory

CVE-2021-47745

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-31 18:39:11

Last updated 2026-03-05 14:31:59

Assigner VulnCheck

State PUBLISHED

Description

Cypress Solutions CTM-200 2.7.1 contains an authenticated command injection vulnerability in the firmware upgrade script that allows remote attackers to execute shell commands. Attackers can exploit the fw_url parameter in the ctm-config-upgrade.sh script to inject and execute arbitrary commands with root privileges.

← Browse all CVEs View on cve.org ↗