CVE-2021-26606

Name of the Vulnerable Software and Affected Versions Dream Security PKI Security Solution version le1.0.0.17

Description A vulnerability in the PKI Security Solution of Dream Security could allow arbitrary command execution due to insufficient validation of the authorization certificate. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected program, potentially allowing remote execution of arbitrary code on a target system.

Recommendations For version le1.0.0.17, consider applying the official fix to resolve the issue. As a temporary workaround, restrict access to the authorization certificate validation mechanism to minimize the risk of exploitation. Avoid using the vulnerable magicline4nx.exe until the issue is resolved.