Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
3 vulnerabilities by nascent
CVE-2021-38613 (GCVE-0-2021-38613)
Vulnerability from cvelistv5 – Published: 2021-08-24 11:05 – Updated: 2024-08-04 01:44
VLAI?
Summary
The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to upload any code to the target system and achieve remote code execution.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:23.626Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to upload any code to the target system and achieve remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T11:05:57.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38613",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The assets/index.php Image Upload feature of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to upload any code to the target system and achieve remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience",
"refsource": "MISC",
"url": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience"
},
{
"name": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/",
"refsource": "MISC",
"url": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38613",
"datePublished": "2021-08-24T11:05:57.000Z",
"dateReserved": "2021-08-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:44:23.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38612 (GCVE-0-2021-38612)
Vulnerability from cvelistv5 – Published: 2021-08-24 11:05 – Updated: 2024-08-04 01:44
VLAI?
Summary
In NASCENT RemKon Device Manager 4.0.0.0, a Directory Traversal vulnerability in a log-reading function in maintenance/readLog.php allows an attacker to read any file via a specialized URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:23.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In NASCENT RemKon Device Manager 4.0.0.0, a Directory Traversal vulnerability in a log-reading function in maintenance/readLog.php allows an attacker to read any file via a specialized URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T11:05:49.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In NASCENT RemKon Device Manager 4.0.0.0, a Directory Traversal vulnerability in a log-reading function in maintenance/readLog.php allows an attacker to read any file via a specialized URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience",
"refsource": "MISC",
"url": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience"
},
{
"name": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/",
"refsource": "MISC",
"url": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38612",
"datePublished": "2021-08-24T11:05:49.000Z",
"dateReserved": "2021-08-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:44:23.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38611 (GCVE-0-2021-38611)
Vulnerability from cvelistv5 – Published: 2021-08-24 11:05 – Updated: 2024-08-04 01:44
VLAI?
Summary
A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:44:23.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-24T11:05:42.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device Manager 4.0.0.0 allows attackers to execute arbitrary commands, as root, via shell metacharacters in the filename parameter to assets/index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience",
"refsource": "MISC",
"url": "https://www.nascent.com/single-post/2019/01/17/nascent-technology-releases-remkon-31-to-enhance-audio-experience"
},
{
"name": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/",
"refsource": "MISC",
"url": "https://www.blacklanternsecurity.com/2021-08-23-Nascent-RemKon-CVEs/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38611",
"datePublished": "2021-08-24T11:05:42.000Z",
"dateReserved": "2021-08-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:44:23.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}