The flaw received a CVSS score of 6.8/10 and its exploitation would result in the total compromise of the affected system.Īccording to the report, the reported flaws exist in ZyWALL VPN2S v1.12 versions. This is a flaw of medium severity and received a CVSS score of 6.5/10.ĬVE-2021-35028: Incorrect input validation in the CGI program will allow a local user to pass specially crafted data to the affected application and execute arbitrary commands on the target system.
CVE-2021-35027: An input validation flaw when processing directory cross-streams on the web server would allow remote threat actors to send specially crafted HTTP requests to access arbitrary files on the affected system.
0 kommentar(er)
