Vulnerability Details CVE-2021-42852
A command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execute operating system commands by sending a crafted packet to the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.7%
CVSS Severity
CVSS v3 Score 8.0
CVSS v2 Score 7.7
Products affected by CVE-2021-42852
-
-
-
-
-
-
cpe:2.3:o:lenovo:a1_firmware:*
-
cpe:2.3:o:lenovo:t1_firmware:*
-
cpe:2.3:o:lenovo:t2_firmware:*
-
cpe:2.3:o:lenovo:t2pro_firmware:*
-
cpe:2.3:o:lenovo:x1_firmware:*