Remote Root Access Vulnerability in MitraStar GPT-2541GNAC-N1 (HGU) 100VNZ0b33 Devices

Remote Root Access Vulnerability in MitraStar GPT-2541GNAC-N1 (HGU) 100VNZ0b33 Devices

CVE-2021-42165 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

MitraStar GPT-2541GNAC-N1 (HGU) 100VNZ0b33 devices allow remote authenticated users to obtain root access by executing command "deviceinfo show file &&/bin/bash" because of incorrect sanitization of parameter "path".

Learn more about our User Device Pen Test.