CVE-2021-21406

July 30, 2021

Combodo iTop is an open source, web based IT Service Management tool. In versions prior to 2.7.4, there is a command injection vulnerability in the Setup Wizard when providing Graphviz executable path. The vulnerability is patched in version 2.7.4 and 3.0.0.

Summary:

Combodo iTop is an open source, web based IT Service Management tool. In versions prior to 2.7.4, there is a command injection vulnerability in the Setup Wizard when providing Graphviz executable path. The vulnerability is patched in version 2.7.4 and 3.0.0.

Reference Links(if available):

  • https://github.com/Combodo/iTop/security/advisories/GHSA-pf95-6h7q-q85x

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • You may have missed

    image

    [QILIN] – Ransomware Victim: DMF Lighting

    November 21, 2024
    image

    [QILIN] – Ransomware Victim: Stalcop Metal Forming LLC

    November 21, 2024
    image

    [HANDALA] – Ransomware Victim: SSV Blockchain Network

    November 21, 2024
    news

    Hijacked Jupyter Servers: New Threat in Illegal Sports Stream Ripping

    November 21, 2024
    news

    Deepfake Digital Identity Attacks Occur Every Five Minutes: Alarming Trends Unveiled

    November 21, 2024