PT-2022-11910 · Glpi · Glpi

Hansmach1Ne · Published 2022-01-05 · Updated 2022-08-09 · CVE-2021-43779

CVSS v3.1: 9.9 (Critical)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

GLPI versions prior to 2.9.1

Description

GLPI is an open source IT asset management, issue tracking and service desk system. The GLPI addressing plugin suffers from an authenticated remote code execution vulnerability: command injection through abuse of functionality allows access to the server's underlying operating system.

Recommendations

For versions prior to 2.9.1, upgrade to version 2.9.1 or later. As a temporary workaround, consider disabling the addressing plugin until a patch is available.

Exploit

Fix

OS Command Injection

RCE

Weakness Enumeration

Related Identifiers

CVE-2021-43779
GHSA-Q5FP-XPR8-77JH

Affected Products

Glpi