Insecure Permissions in Planex MZK-DP150N Administration Interface: Remote Command Execution

CVE-2021-37289 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp.

Learn more about our Web App Pen Testing.