In MB connect line mbDIALUP versions <= 3.9R0.0 a remote attacker can send a specifically crafted HTTP request to the service running with NT AUTHORITY\SYSTEM that will not correctly validate the input. This can lead to an arbitrary code execution with the privileges of the service.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: CERTVDE

Published: 2021-08-02T10:24:31.012186Z

Updated: 2024-09-16T17:42:36.084Z

Reserved: 2021-05-24T00:00:00

Link: CVE-2021-33527

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2021-08-02T11:15:11.287

Modified: 2022-04-29T17:47:09.857

Link: CVE-2021-33527

cve-icon Redhat

No data.