VYPR
Critical severity9.8NVD Advisory· Published Aug 24, 2021· Updated Jun 17, 2026

CVE-2021-38611

CVE-2021-38611

Description

A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.