Skip to content

Remote Command Execution vulnerability

High
orthagh published GHSA-q5fp-xpr8-77jh Jan 5, 2022

Package

addressing (glpi-project/glpi)

Affected versions

2.0.0

Patched versions

2.9.2

Description

Reference

https://github.com/hansmach1ne/MyExploits/tree/main/RCE_GLPI_addressing_plugin

Impact

All GLPI with addressing plugin

Patches

Update to 2.9.1

Workarounds

disable addressing plugin.

Severity

High

CVE ID

CVE-2021-43779

Weaknesses

No CWEs

Credits