Lucene search
INCIBECVELIST:CVE-2021-33841HistoryJun 09, 2021 - 11:50 a.m.
CVE-2021-33841 Circutor SGE-PLC1000 OS command Injection
2021-06-0911:50:24
CWE-78
INCIBE
www.cve.org
3
circutor sge-plc1000
cve-2021-33841
os command injection
firmware version
remote attacker
operating system
maximum privileges
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.006
Percentile
78.6%
SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly, allowing a remote attacker to inject code into the operating system with maximum privileges.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "SGE-PLC1000",
"vendor": "Circutor",
"versions": [
{
"status": "affected",
"version": "0.9.2b"
}
]
}
]Related
nvd
nvd
CVE-2021-33841
2021-06-09 12:15:07
cnvd
cnvd
Circutor SGE-PLC1000 OS Command Injection Vulnerability
2021-06-11 00:00:00
prion
prion
Code injection
2021-06-09 12:15:00
cve
cve
CVE-2021-33841
2021-06-09 12:15:07
CVSS3
10
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.006
Percentile
78.6%
Related for CVELIST:CVE-2021-33841