Skip to the content.

CVE-2021-42081 - Authenticated Remote Command Execution vulnerability in OSNEXUS QuantaStor before

CVE CVE-2021-42081
Affected products
Product Affected Unaffected Unknown
OSNEXUS QuantaStor >= semver 0 to <
everything else
CVSS Base score: 9.1 (CRITICAL)
Problem type(s) CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Solution(s) Upgrade to the latest version of OSNEXUS QuantaStor.
Last modified 06 Jul 2023 15:46


An authenticated administrator is allowed to remotely execute arbitrary shell commands via the API.

JSON version