RCE in Ipcop Project

CVE-2021-4466

IPCop versions up to and including 2.1.9 contain an authenticated remote code execution vulnerability within the web-based administration interface. The email configuration component inserts user-controlled values, including the EMAIL_PW p…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.005 (37.2th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References