Arbitrary Command Execution Vulnerability in reg-keygen-git-hash-plugin (<=0.10.15)

Arbitrary Command Execution Vulnerability in reg-keygen-git-hash-plugin (<=0.10.15)

CVE-2021-32673 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

reg-keygen-git-hash-plugin is a reg-suit plugin to detect the snapshot key to be compare with using Git commit hash. reg-keygen-git-hash-plugin through and including 0.10.15 allow remote attackers to execute of arbitrary commands. Upgrade to version 0.10.16 or later to resolve this issue.

Learn more about our Web Application Penetration Testing UK.