CVE-2021-37289
First published: Mon Aug 22 2022(Updated: )
Insecure Permissions in administration interface in Planex MZK-DP150N 1.42 and 1.43 allows attackers to execute system command as root via etc_ro/web/syscmd.asp.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Planex Mzk-dp150n Firmware | =1.42 | |
| Planex Mzk-dp150n Firmware | =1.43 | |
| Planex MZK-DP150N |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-37289?
CVE-2021-37289 has been classified with a medium severity rating due to its potential for unauthorized command execution as root.
How do I fix CVE-2021-37289?
To remediate CVE-2021-37289, upgrade the Planex MZK-DP150N firmware to a version higher than 1.43.
What are the affected versions of CVE-2021-37289?
CVE-2021-37289 affects Planex MZK-DP150N firmware versions 1.42 and 1.43.
What is the nature of the vulnerability described in CVE-2021-37289?
CVE-2021-37289 involves insecure permissions in the administration interface that allow attackers to execute system commands.
Who is impacted by CVE-2021-37289?
Users of the Planex MZK-DP150N router running firmware versions 1.42 or 1.43 are vulnerable to CVE-2021-37289.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/first-publish-date
- agent/tags
- agent/description
- agent/event
- agent/source
- vendor/planex
- canonical/planex mzk-dp150n firmware
- version/planex mzk-dp150n firmware/1.42
- version/planex mzk-dp150n firmware/1.43
- canonical/planex mzk-dp150n