Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-20039

Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.537
EPSS Ranking 97.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
Products affected by CVE-2021-20039


Contact Us

Shodan ® - All rights reserved