CVE-2021-26724 – OS Command Injection vulnerability when changing date settings or hostname using web GUI o …

Vuln ID: CVE-2021-26724

Published:  2021-02-22  21:15:19Z

Description: OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions.

Source: NVD.NIST.GOV