Unrated severityNVD Advisory· Published Jul 10, 2023· Updated Sep 24, 2025
Authenticated Remote COmmand Execution as root in OSNEXUS QuantaStor version 6.0.0.355 and others
CVE-2021-4406
Description
An authenticated attacker is able to create alerts that trigger a stored XSS attack.
POC
- go to the alert manager
- open the ITSM tab
- add a webhook with the URL/service token value
' -h && id | tee /tmp/ttttttddddssss #' (whitespaces are tab characters)
- click add
- click apply
- create a test alert
- The test alert will run the command
“id | tee /tmp/ttttttddddssss” as root.
- after the test alert inspect
/tmp/ttttttddddssss it'll contain the ids of the root user.
Affected products
1- Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- csirt.divd.nl/CVE-2021-4406mitrethird-party-advisoryexploittechnical-description
- csirt.divd.nl/DIVD-2021-00020/mitrethird-party-advisory
- www.osnexus.com/products/software-defined-storagemitreproduct
News mentions
0No linked articles in our index yet.