2 matches found
CVE-2021-20142
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20142
The CVE-2021-20142 entry describes an unauthenticated command injection in Gryphon Tower routers. Affected component: controller_server service (operation 41). Root cause: inadequate input filtering of parameters, allowing crafted packets to inject commands. Attack path: remote attacker on the sa...