Command Injection Vulnerability in SMA100 Management Interface

Command Injection Vulnerability in SMA100 Management Interface

CVE-2021-20035 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS.

Learn more about our User Device Pen Test.