CVSS: 9.0EPSS: 0%CPEs: 14EXPL: 0CVE-2021-20740
https://notcve.org/view.php?id=CVE-2021-20740
Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC Storage M Series NAS Gateway Nh4a/Nh8a versions prior to FOS 5.5.3-08(NEC2.5.4a) and Nh4b/Nh8b, Nh4c/Nh8c versions prior to FOS 6.4.3-08(NEC3.4.2) allow remote authenticated attackers to execute arbitrary OS commands with root privileges via unspecified vectors. Hitachi Virtual File Platform versiones anteriores a 5.5.3-09 y anteriores a 6.4.3-09, y versiones de NEC Storage M Series NAS Gateway Nh4a/Nh8a anteriores a FOS 5.5.3-08(NEC2.5.4a) y las versiones Nh4b/Nh8b, Nh4c/Nh8c anteriores a FOS 6.4.3-08(NEC3.4.2) permiten a atacantes remotos autenticados ejecutar comandos arbitrarios del Sistema Operativo con privilegios de root por medio de vectores no especificados • https://jpn.nec.com/security-info/secinfo/nv21-011.html https://jvn.jp/en/jp/JVN21298724/index.html https://www.hitachi.co.jp/products/it/storage-solutions/global/sec_info/2021/2021_306.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •