Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2021-21292
HistoryFeb 02, 2021 - 8:15 p.m.

CVE-2021-21292

2021-02-0220:15:12
Google
osv.dev
9
traccar
gps tracking system
vulnerability
windows
file system access
privilege escalation
java
security issue
software

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

30.7%

JSON

Traccar is an open source GPS tracking system. In Traccar before version 4.12 there is an unquoted Windows binary path vulnerability. Only Windows versions are impacted. Attacker needs write access to the filesystem on the host machine. If Java path includes a space, then attacker can lift their privilege to the same as Traccar service (system). This is fixed in version 4.12.

Related

cvelist 1
prion 1
nvd 1
cve 1
cvelist
cvelist
CVE-2021-21292 Unquoted Windows binary path in Traccar
2021-02-02 19:35:16
prion
prion
Design/Logic Flaw
2021-02-02 20:15:00
nvd
nvd
CVE-2021-21292
2021-02-02 20:15:12
cve
cve
CVE-2021-21292
2021-02-02 20:15:12

AI Score

6.7

Confidence

High

EPSS

0.001

Percentile

30.7%

JSON
Related for OSV:CVE-2021-21292
cvelist1prion1nvd1cve1