Critical severity9.8NVD Advisory· Published Aug 24, 2021· Updated Jun 17, 2026
CVE-2021-38611
CVE-2021-38611
Description
A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php.
Affected products
2- NASCENT/RemKon Device Managerdescription
- Range: =4.0.0.0
Patches
Vulnerability mechanics
References
2- www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/nvdExploitThird Party Advisory
- www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experiencenvdVendor Advisory
News mentions
0No linked articles in our index yet.