Arbitrary Command Execution in DSA KeyPasswd Parameter

Arbitrary Command Execution in DSA KeyPasswd Parameter

CVE-2021-21874 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability.

Learn more about our Web Application Penetration Testing UK.