Description
A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. This vulnerability is due to insufficient validation of the authorization certificate. An attacker could exploit this vulnerability by sending a crafted HTTP request an affected program. A successful exploit could allow the attacker to remotely execute arbitrary code on a target system.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Dream Security Co.,Ltd | MagicLine4NX.exe | affected |
|
Configuration 1 [-]
| AND |
|
No data.
No data available yet.
Remediation
Vendor Solution
Update software over 1.0.0.18 version or higher.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2021-13400 | A vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. This vulnerability is due to insufficient validation of the authorization certificate. An attacker could exploit this vulnerability by sending a crafted HTTP request an affected program. A successful exploit could allow the attacker to remotely execute arbitrary code on a target system. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: krcert
Published:
Updated: 2024-09-16T22:46:44.804Z
Reserved: 2021-02-03T00:00:00.000Z
Link: CVE-2021-26606
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-08-06T15:15:08.617
Modified: 2024-11-21T05:56:34.387
Link: CVE-2021-26606
Redhat
No data.
OpenCVE Enrichment
No data.