Command Injection Vulnerability in Pulse Connect Secure Allows Remote Code Execution via Windows Resource Profiles Feature
CVE-2021-22899 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature
Learn more about our Web Application Penetration Testing UK.