Skip to the content.

CVE-2021-4406 - Authenticated Remote COmmand Execution as root in OSNEXUS QuantaStor version and others

CVE CVE-2021-4406
Affected products
Product Affected Unaffected Unknown
OSNEXUS QuantaStor >= semver 0 to <
everything else
CVSS Base score: 9.1 (CRITICAL)
Problem type(s) CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Solution(s) Upgrade to the latest version of OSNEXUS QuantaStor and hope it is fixed
Last modified 06 Jul 2023 15:43


An administrator is able to execute commands as root via the alerts management dialog

JSON version