Vulnerability Description
HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang s_Language parameter.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hd-Network Real-Time Monitoring System Project | Hd-Network Real-Time Monitoring System | 2.0 |
Related Weaknesses (CWE)
References
- https://drive.google.com/file/d/1DlfZz0F8skWy3Mkahx_NMo-sYZh9-eun/view?usp=shariExploitThird Party Advisory
- https://drive.google.com/file/d/1bx9yCN-IHYuRpd7g3jhMb0LcTC1ARzSX/view?usp=shariExploitThird Party Advisory
- https://drive.google.com/file/d/1DlfZz0F8skWy3Mkahx_NMo-sYZh9-eun/view?usp=shariExploitThird Party Advisory
- https://drive.google.com/file/d/1bx9yCN-IHYuRpd7g3jhMb0LcTC1ARzSX/view?usp=shariExploitThird Party Advisory
FAQ
What is CVE-2021-45043?
CVE-2021-45043 is a vulnerability with a CVSS score of 7.5 (HIGH). HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang s_Language parameter.
How severe is CVE-2021-45043?
CVE-2021-45043 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-45043?
Check the references section above for vendor advisories and patch information. Affected products include: Hd-Network Real-Time Monitoring System Project Hd-Network Real-Time Monitoring System.