Vulnerabilities > CVE-2021-27886 - Unspecified vulnerability in Docker Dashboard Project Docker Dashboard

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
docker-dashboard-project

Summary

rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal.js via shell metacharacters in the command parameter of an API request. NOTE: this is NOT a Docker, Inc. product.

Vulnerable Configurations

Part Description Count
Application
Docker_Dashboard_Project
1