How severe is CVE-2021-43779?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.9 out of 10.

What type of vulnerability is CVE-2021-43779?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2021-43779 - CRITICAL Severity | CVSS 9.9

Vulnerability Description

GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions < 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server's underlying operating system using command injection abuse of functionality. There is no workaround for this issue and users are advised to upgrade or to disable the addressing plugin.

Related Vulnerabilities

CVE-2018-20162

CRITICAL

CVSS:9.9(Critical)

Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary command...

CWE-202018

CVE-2021-3781

CRITICAL

CVSS:9.9(Critical)

A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document ...

CWE-202021

CVE-2022-0415

CRITICAL

CVSS:9.9(Critical)

Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.

CWE-202022

CVE-2022-26780

CRITICAL

CVSS:9.9(Critical)

Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code executio...

CWE-202022

CVE-2022-26781

CRITICAL

CVSS:9.9(Critical)

CWE-202022

CVE-2022-26782

CRITICAL

CVSS:9.9(Critical)

CWE-202022