VYPR
High severity7.2NVD Advisory· Published Jun 2, 2022· Updated Jun 17, 2026

CVE-2021-44080

CVE-2021-44080

Description

A Command Injection vulnerability in httpd web server (setup.cgi) in SerComm h500s, FW: lowi-h500s-v3.4.22 allows logged in administrators to arbitrary OS commands as root in the device via the connection_type parameter of the statussupport_diagnostic_tracing.json endpoint.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • SerComm/h500sdescription
  • Sercomm/h500sllm-create
    Range: lowi-h500s-v3.4.22

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.