Unrated severityNVD Advisory· Published Feb 22, 2021· Updated Sep 17, 2024
Authenticated command injection when changing date settings or hostname in Guardian/CMC before 20.0.7.4
CVE-2021-26724
Description
OS Command Injection vulnerability when changing date settings or hostname using web GUI of Nozomi Networks Guardian and CMC allows authenticated administrators to perform remote code execution. This issue affects: Nozomi Networks Guardian 20.0.7.3 version 20.0.7.3 and prior versions. Nozomi Networks CMC 20.0.7.3 version 20.0.7.3 and prior versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<=20.0.7.3+ 1 more
- (no CPE)range: <=20.0.7.3
- (no CPE)range: 20.0.7.3 and prior versions
<=20.0.7.3+ 1 more
- (no CPE)range: <=20.0.7.3
- (no CPE)range: 20.0.7.3 and prior versions
Patches
Vulnerability mechanics
References
1- security.nozominetworks.com/NN-2021:1-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.