Unrated severityNVD Advisory· Published Aug 2, 2021· Updated Sep 16, 2024
OS Command Injection in mbDIALUP <= 3.9R0.0
CVE-2021-33527
Description
In MB connect line mbDIALUP versions <= 3.9R0.0 a remote attacker can send a specifically crafted HTTP request to the service running with NT AUTHORITY\SYSTEM that will not correctly validate the input. This can lead to an arbitrary code execution with the privileges of the service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=3.9R0.0+ 1 more
- (no CPE)range: <=3.9R0.0
- (no CPE)range: 3.9R0.0
Patches
Vulnerability mechanics
References
1- cert.vde.com/de-de/advisories/vde-2021-017mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.