Unrated severityNVD Advisory· Published Apr 5, 2022· Updated Aug 4, 2024

CVE-2021-42324

Description

An issue was discovered on DCN (Digital China Networks) S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell metacharacters in the capture command parameters. Command output will be shown on the Serial interface of the device. Exploitation requires both credentials and physical access.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

DCN/S4600-10P-SIdescription
DCN/S4600-10P-SIllm-create
Range: < R0241.0470

Patches

Vulnerability mechanics

References

exatel.pl/cve-2021-42324-metacharacter-injection-w-przelacznikach-dcn-s4600-10p-si/mitrex_refsource_MISC
www.dcneurope.eu/products/switches/s4600-10p-simitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000