Unrated severityNVD Advisory· Published Mar 25, 2022· Updated Aug 3, 2024

Genian NAC remote code execution vulnerability

CVE-2021-26622

Description

An remote code execution vulnerability due to SSTI vulnerability and insufficient file name parameter validation was discovered in Genian NAC. Remote attackers are able to execute arbitrary malicious code with SYSTEM privileges on all connected nodes in NAC through this vulnerability.

Affected products

Genians/Genian Nac V5.0 & Genian Nac Suite V5.0v5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.krcert.or.kr/krcert/secNoticeView.domitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000