Vulnerabilities > CVE-2021-40643 - Unspecified vulnerability in Eyesofnetwork

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

eyesofnetwork

critical

NVD

Published: 2022-06-30

Updated: 2022-07-11

Summary

EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location of the "sendmail" application in the "cacti" configuration page (by default/usr/sbin/sendmail) it is possible to execute any command, which will be executed when we make a test of the configuration ("send test mail").

Vulnerable Configurations

Part	Description	Count
Application	Eyesofnetwork Eyesofnetwork Eyesofnetwork 4.2-3 Eyesofnetwork Eyesofnetwork 4.3-0 Eyesofnetwork Eyesofnetwork 5.0 Eyesofnetwork Eyesofnetwork 5.0-0 Eyesofnetwork Eyesofnetwork 5.1 Eyesofnetwork Eyesofnetwork 5.1-0 Eyesofnetwork Eyesofnetwork 5.2-0 Eyesofnetwork Eyesofnetwork 5.3 Eyesofnetwork Eyesofnetwork 5.3-0 Eyesofnetwork Eyesofnetwork 5.3-1 Eyesofnetwork Eyesofnetwork 5.3-2 Eyesofnetwork Eyesofnetwork 5.3-3 Eyesofnetwork Eyesofnetwork 5.3-4 Eyesofnetwork Eyesofnetwork 5.3-5 Eyesofnetwork Eyesofnetwork 5.3-6 Eyesofnetwork Eyesofnetwork 5.3-7 Eyesofnetwork Eyesofnetwork 5.3-8 Eyesofnetwork Eyesofnetwork 5.3-9 Eyesofnetwork Eyesofnetwork 5.3-10 Eyesofnetwork Eyesofnetwork 5.3-11	20

Summary

Vulnerable Configurations

References