Vulnerabilities > Accellion > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-16 | CVE-2021-27104 | OS Command Injection vulnerability in Accellion FTA 912370 Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. | 10.0 |
| 2021-02-16 | CVE-2021-27101 | Unspecified vulnerability in Accellion FTA 912220/912370 Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. | 9.8 |
| 2010-02-19 | CVE-2009-4646 | Code Injection vulnerability in Accellion Secure File Transfer Appliance Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string. | 9.0 |
| 2010-02-19 | CVE-2009-4644 | OS Command Injection vulnerability in Accellion Secure File Transfer Appliance Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program. | 9.0 |