CVE-2021-47851

Name of the Vulnerable Software and Affected Versions Mini Mouse version 9.2.0

Description The software contains a remote code execution issue that allows attackers to execute arbitrary commands. This is possible through an unauthenticated HTTP endpoint, specifically the /op=command endpoint. Attackers can send crafted JSON requests containing malicious script commands to download and execute payloads. The vulnerability does not require authentication.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.