Unrated severityNVD Advisory· Published Jan 5, 2022· Updated Sep 8, 2025
Remote Command Execution vulnerability
CVE-2021-43779
Description
GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions < 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server's underlying operating system using command injection abuse of functionality. There is no workaround for this issue and users are advised to upgrade or to disable the addressing plugin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2.9.1
- pluginsGLPI/addressingv5Range: < 2.9.1
Patches
Vulnerability mechanics
References
3- github.com/hansmach1ne/MyExploits/tree/main/RCE_GLPI_addressing_pluginmitrex_refsource_MISC
- github.com/pluginsGLPI/addressing/commit/6f55964803054a5acb5feda92c7c7f1d91ab5366mitrex_refsource_MISC
- github.com/pluginsGLPI/addressing/security/advisories/GHSA-q5fp-xpr8-77jhmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.