DATABASE RESOURCES PRICING ABOUT US

{"id": "SSV:99274", "type": "seebug", "bulletinFamily": "exploit", "title": "QNAP Roon Server\u672a\u6388\u6743RCE\u6f0f\u6d1e\uff08CVE-2021-28810\u3001CVE-2021-28811\uff09", "description": "", "published": "2021-06-15T00:00:00", "modified": "2021-06-15T00:00:00", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "href": "https://www.seebug.org/vuldb/ssvid-99274", "reporter": "Knownsec", "references": [], "cvelist": ["CVE-2021-28810", "CVE-2021-28811"], "immutableFields": [], "lastseen": "2021-07-24T09:55:52", "viewCount": 39, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-28810", "CVE-2021-28811"]}], "rev": 4}, "score": {"value": 4.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2021-28810", "CVE-2021-28811"]}]}, "exploitation": null, "vulnersScore": 4.9}, "sourceHref": "", "sourceData": "", "status": "cve,details", "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1646157033}}

{"cve": [{"lastseen": "2022-03-23T16:42:57", "description": "If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. Roon Labs has already fixed this vulnerability in the following versions: Roon Server 2021-05-18 and later", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-06-08T03:15:00", "type": "cve", "title": "CVE-2021-28811", "cwe": ["CWE-77"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28811"], "modified": "2021-06-21T15:05:00", "cpe": [], "id": "CVE-2021-28811", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28811", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}, "cpe23": []}, {"lastseen": "2022-03-23T16:42:55", "description": "If exploited, this vulnerability allows an attacker to access resources which are not otherwise accessible without proper authentication. Roon Labs has already fixed this vulnerability in the following versions: Roon Server 2021-05-18 and later", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-06-08T03:15:00", "type": "cve", "title": "CVE-2021-28810", "cwe": ["CWE-290"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-28810"], "modified": "2021-06-15T14:41:00", "cpe": [], "id": "CVE-2021-28810", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-28810", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": []}]}