VYPR
Unrated severityNVD Advisory· Published Aug 2, 2021· Updated Sep 17, 2024

Privilege escalation in mbDIALUP <= 3.9R0.0

CVE-2021-33526

Description

In MB connect line mbDIALUP versions <= 3.9R0.0 a low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM instructing it to execute a malicous OpenVPN configuration resulting in arbitrary code execution with the privileges of the service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Mbconnectline/mbDIALUPllm-create2 versions
    <=3.9R0.0+ 1 more
    • (no CPE)range: <=3.9R0.0
    • (no CPE)range: 3.9R0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.