logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-40222

Description

Rittal CMC PU III Web management Version affected: V3.11.00_2. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitize user input on Network TCP/IP configuration page. This allows the attacker to inject commands as root on the device which will be executed once the data is received.


Affected Software


CPE Name Name Version
rittal:cmc_pu_iii_7030.000_firmware rittal cmc pu iii 7030.000 firmware 3.17.10

Related