CVE-2021-35062
HIGHDRK Odenwaldkreis Testerfassung March-2021 - Command Injection
Title source: llmDescription
A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allow an attacker with a valid token of a COVID-19 test result to execute shell commands with the permissions of the web server.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/sthierolf/security/blob/main/CVE-2021-35062.md
Scores
CVSS v3
8.1
EPSS
0.0146
EPSS Percentile
70.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (1)
testzentrum-odw/testerfassung
2021-03
Published
Aug 30, 2021
Tracked Since
Feb 18, 2026