PT-2022-11426 · Leostream · Leostream Connection Broker

Published

2022-01-18

Updated

2022-01-27

CVE-2021-41550

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Leostream Connection Broker version 9.0.40.17

Description The issue allows an administrator to upload and execute Perl code.

Recommendations For Leostream Connection Broker version 9.0.40.17, consider restricting the upload functionality to prevent the execution of malicious Perl code until a patch is available.

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2021-41550

Affected Products

Leostream Connection Broker

PT-2022-11426 · Leostream · Leostream Connection Broker

CVE-2021-41550

Weakness Enumeration

Related Identifiers

Affected Products

References · 7