CVE-2021-26747: OS Command Injection
First published: Thu Feb 18 2021(Updated: )
Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Netis-systems Wf2780 Firmware | =2.3.40404 | |
| Netis-systems Wf2780 | ||
| Netis-systems Wf2411 Firmware | =1.1.29629 | |
| Netis-systems Wf2411 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for Netis WF2780 and WF2411 devices?
The vulnerability ID for Netis WF2780 and WF2411 devices is CVE-2021-26747.
How severe is CVE-2021-26747?
CVE-2021-26747 has a severity rating of 9.8 (Critical).
What is the impact of CVE-2021-26747?
CVE-2021-26747 allows Shell Metacharacter Injection into the ping command, leading to remote code execution.
Which devices are affected by CVE-2021-26747?
Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices are affected by CVE-2021-26747.
How can I fix CVE-2021-26747?
At this time, there is no official fix or patch available for CVE-2021-26747. It is recommended to follow the vendor's website for updates.
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- agent/description
- agent/type
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- vendor/netis-systems
- canonical/netis-systems wf2780 firmware
- version/netis-systems wf2780 firmware/2.3.40404
- canonical/netis-systems wf2780
- canonical/netis-systems wf2411 firmware
- version/netis-systems wf2411 firmware/1.1.29629
- canonical/netis-systems wf2411