CVE-2021-33527

CWE-78: IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN AN OS COMMAND:
A low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM, that will not correctly validate the input, instructing it to execute arbitrary code execution with the privileges of the service.

Risk Information

  • CVE ID
  • CVE-2021-33527
  • Vendor
  • MB Connect Line
  • Product
  • mbDIALUP
  • CVSS v3
  • 7.8