Vulnerabilities

CVE-2021-21741

by Fred · 30/08/2021

A conference management system of ZTE is impacted by a command execution vulnerability. Since the soapmonitor’s java object service is enabled by default, the attacker could exploit this vulnerability to execute arbitrary commands by sending a deserialized payload to port 5001.

Date published : 2021-08-30

https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1018424

Similar

Tags: Cybersecurity Alert