What is CVE-2021-32534?

CVE-2021-32534 is a critical-severity vulnerability in Qsan Sanos, classified under OS Command Injection. CVSS score: 9.8/10. Published 2021-07-07.

How severe is CVE-2021-32534?

Critical severity. CVSS v3 base score is 9.8 out of 10.

RCE in Qsan Sanos

CVE-2021-32534

QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated ver…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.005 (67.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Qsan Sanos — versions unspecified

Weakness classification (CWE)

CWE-78 — OS Command Injection

References

www.twcert.org.tw/tw/cp-132-4891-94707-1.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-32534?: CVE-2021-32534 is a critical-severity vulnerability in Qsan Sanos, classified under OS Command Injection. CVSS score: 9.8/10. Published 2021-07-07.
How severe is CVE-2021-32534?: Critical severity. CVSS v3 base score is 9.8 out of 10.