PT-2022-11594 · Sapido · Sapido Br270N+3
Ireading
·
Published
2022-11-30
·
Updated
2022-12-02
·
CVE-2021-4242
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Sapido BR270n (affected versions not specified)
Sapido BRC76n (affected versions not specified)
Sapido GR297 (affected versions not specified)
Sapido RB1732 (affected versions not specified)
Description
A critical issue affects some unknown functionality of the file
ip/syscmd.htm, leading to os command injection. The attack can be launched remotely.Recommendations
For Sapido BR270n, consider restricting access to the file
ip/syscmd.htm to minimize the risk of exploitation.
For Sapido BRC76n, consider restricting access to the file ip/syscmd.htm to minimize the risk of exploitation.
For Sapido GR297, consider restricting access to the file ip/syscmd.htm to minimize the risk of exploitation.
For Sapido RB1732, consider restricting access to the file ip/syscmd.htm to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Improper Neutralization
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sapido Br270N
Sapido Brc76N
Sapido Gr297N
Sapido Rb1732