Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-21909 | 1 Garrett | 2 Ic Module, Ic Module Firmware | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can provide malicious inputs to trigger this vulnerability | |||||
CVE-2021-21908 | 1 Garrett | 2 Ic Module, Ic Module Firmware | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
Specially-crafted command line arguments can lead to arbitrary file deletion. The handle_delete function does not attempt to sanitize or otherwise validate the contents of the [file] parameter (passed to the function as argv[1]), allowing an authenticated attacker to supply directory traversal primitives and delete semi-arbitrary files. |