Vulnerabilities > CVE-2021-21957 - Unspecified vulnerability in Dreamreport Remote Connector 20.2.16900.0

CVSS 7.3 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

dreamreport

NVD

Published: 2021-12-08

Updated: 2022-10-24

Summary

A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Dreamreport Dreamreport Remote Connector 20.2.16900.0	1

References

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1384