CVE-2021-21904

Name of the Vulnerable Software and Affected Versions iC Module CMA version 5.0

Description A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal Detectors’ iC Module CMA. An attacker can provide malicious input to trigger this vulnerability.

Recommendations For iC Module CMA version 5.0, consider restricting access to the setenv command in the CMA CLI to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.