VYPR
High severity8.6NVD Advisory· Published Jan 27, 2022· Updated May 18, 2026

CVE-2021-44793

CVE-2021-44793

Description

Single Connect does not perform an authorization check when using the sc-reports-ui" module. A remote attacker could exploit this vulnerability to access the device configuration page and export the data to an external file. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information including the database credentials. Since the database runs with high privileges it is possible to execute commands with the attained credentials.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.