Nascent Remkon Device Manager vulnerabilities
3 known vulnerabilities affecting nascent/remkon_device_manager.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2021-38611P2CRITICALCVSS 9.8v4.0.0.02021-08-24
CVE-2021-38611 [CRITICAL] CWE-77 CVE-2021-38611: A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager
A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php.
nvd
CVE-2021-38613P2CRITICALCVSS 9.8v4.0.0.02021-08-24
CVE-2021-38613 [CRITICAL] CWE-434 CVE-2021-38613: The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows attack
The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to upload any code to the target system and achieve remote code execution.
nvd
CVE-2021-38612P3HIGHCVSS 7.5v4.0.0.02021-08-24
CVE-2021-38612 [HIGH] CWE-22 CVE-2021-38612: In NASCENT RemKon Device Manager 4.0.0.0, a Directory Traversal vulnerability in a log-reading funct
In NASCENT RemKon Device Manager 4.0.0.0, a Directory Traversal vulnerability in a log-reading function in maintenance/readLog.php allows an attacker to read any file via a specialized URL.
nvd