CVE-2021-44793 – Single Connect does not perform an authorization check when using the sc-reports-ui" …

27 January 2022

Vuln ID: CVE-2021-44793

Published: 2022-01-27 13:15:07Z

Description: Single Connect does not perform an authorization check when using the sc-reports-ui" module. A remote attacker could exploit this vulnerability to access the device configuration page and export the data to an external file. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information including the database credentials. Since the database runs with high privileges it is possible to execute commands with the attained credentials.

Source: NVD.NIST.GOV

Date:

27 January 2022

Categorie(s):

NVD

Tag(s):

NVD

Samourai cryptomixer founders indicted for money laundering25 April 2024
CISA to deploy automated vulnerability warning program by year end25 April 2024
iSharing app vulnerabilities put users’ locations at risk25 April 2024
Lincoln Project loses $35K following BEC attack25 April 2024
The real space race: Inside geopolitics and security of a $1.8T industry25 April 2024