High severity7.2NVD Advisory· Published Dec 22, 2021· Updated Jun 17, 2026
CVE-2021-21906
CVE-2021-21906
Description
Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA Connect”, to interact with the iC Module on behalf of the user. Every time a user submits a password to the CLI password prompt, the buffer containing their input is passed as the password parameter to the checkPassword function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 5.0
Patches
Vulnerability mechanics
References
1- talosintelligence.com/vulnerability_reports/TALOS-2021-1357nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.