Vulnerabilities (CVE)

Filtered by vendor Garrett Subscribe
Filtered by product Ic Module
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21909 1 Garrett 2 Ic Module, Ic Module Firmware 2024-11-21 5.5 MEDIUM 8.1 HIGH
Specially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can provide malicious inputs to trigger this vulnerability
CVE-2021-21908 1 Garrett 2 Ic Module, Ic Module Firmware 2024-11-21 5.5 MEDIUM 6.5 MEDIUM
Specially-crafted command line arguments can lead to arbitrary file deletion. The handle_delete function does not attempt to sanitize or otherwise validate the contents of the [file] parameter (passed to the function as argv[1]), allowing an authenticated attacker to supply directory traversal primitives and delete semi-arbitrary files.