High severity8.6NVD Advisory· Published Jan 27, 2022· Updated May 18, 2026
CVE-2021-44793
CVE-2021-44793
Description
Single Connect does not perform an authorization check when using the sc-reports-ui" module. A remote attacker could exploit this vulnerability to access the device configuration page and export the data to an external file. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information including the database credentials. Since the database runs with high privileges it is possible to execute commands with the attained credentials.
Affected products
3- Kron/Single Connectv5Range: unspecified
Patches
Vulnerability mechanics
References
2- www.usom.gov.tr/bildirim/tr-22-0093nvdThird Party Advisory
- siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0093nvd
News mentions
0No linked articles in our index yet.