CVE-2021-20138

HIGH

Gryphon Tower Firmware < 04.0004.12 - Unauthenticated OS Command Injection via Web Interface Parameters

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-20138. PoCs published by ShaikUsaf.

AI-analyzed exploit summary: The repository contains source code files from the Android Open Source Project (AOSP) related to CVE-2021-20138, focusing on managed provisioning components. It includes utility classes and activities but lacks explicit exploit code or detailed vulnerability analysis.

Description

An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router’s web interface at /cgi-bin/luci/rc. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the web interface.

Exploits (1)

nomisec WRITEUP
by ShaikUsaf · poc
https://github.com/ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-20138
Classification
Writeup 90%
Attack Type
Other
Complexity
Moderate
Reliability
Theoretical
Target: Android Open Source Project (AOSP) frameworks/base
No auth needed
Prerequisites: Access to Android device with vulnerable AOSP version
devstral-2 · analyzed Feb 18, 2026

References (1)

Core References (1)
Exploit, Vendor Advisory (x_refsource_misc)
https://www.tenable.com/security/research/tra-2021-51

Scores

CVSS v3 8.8
EPSS 0.0370
EPSS Percentile 88.3%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-78
Status published
Products (1)
gryphonconnect/gryphon_tower_firmware < 04.0004.12
Published Dec 09, 2021
Tracked Since Feb 18, 2026