NA

CVE-2021-31891

Published: 14/09/2021 Updated: 14/09/2021

Vulnerability Summary

A vulnerability has been identified in Desigo CC (All versions with OIS Extension Module), GMA-Manager (All versions with OIS running on Debian 9 or earlier), Operation Scheduler (All versions with OIS running on Debian 9 or earlier), Siveillance Control (All versions with OIS running on Debian 9 or earlier), Siveillance Control Pro (All versions). The affected application incorrectly neutralizes special elements in a specific HTTP GET request which could lead to command injection. An unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code on the system with root privileges.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vendor Advisories

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 # SSA-535380: Command Injection Vulnerability in Siveillance OIS Affecting Several Building Management Systems Publication Date: 2021-09-14 Last Update: 2021-09-14 Current Version: 10 CVSS v31 Base Score: 100 SUMMARY ======= The Siveillance Open Interface Services ...