Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Genieacs Subscribe
Filtered by product Genieacs
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-46704 1 Genieacs 1 Genieacs 2022-03-11 7.5 HIGH 9.8 CRITICAL
In GenieACS 1.2.x before 1.2.8, the UI interface API is vulnerable to unauthenticated OS command injection via the ping host argument (lib/ui/api.ts and lib/ping.ts). The vulnerability arises from insufficient input validation combined with a missing authorization check.