Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-31573


In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID: OSBNB00123234.


Published

2023-02-06T22:15:09.217

Last Modified

2025-03-26T15:15:36.763

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Primary
    CWE-77
  • Type: Secondary
    CWE-77

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System mediatek en7580_firmware < tlm7.3.275.0-82 Yes
Hardware mediatek en7580 - No
Operating System mediatek en7528_firmware < tlm7.3.275.0-82 Yes
Hardware mediatek en7528 - No

References