Arbitrary Command Execution in RSA Keypasswd Parameter via Specially-Crafted HTTP Request

Arbitrary Command Execution in RSA Keypasswd Parameter via Specially-Crafted HTTP Request

CVE-2021-21873 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Learn more about our Web Application Penetration Testing UK.