Skip to main content
CVE-2021-3122 CRITICAL POC THREAT Emergency

CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter (within an XML document sent to port 8089) that enables the remote, unauthenticated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Command Center Agent
NVD GitHub
CVSS 3.1
9.8
EPSS
87.4%
CVE-2021-26843 HIGH POC This Week

An issue was discovered in sthttpd through 2.27.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Sthttpd
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-22161 MEDIUM This Month

In OpenWrt 19.07.x before 19.07.7, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Openwrt
NVD
CVSS 3.1
6.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy