CVE-2021-36982
HIGHMonitorapp Application Insight Manager - Improper Input Validation
Title source: ruleDescription
AIMANAGER before B115 on MONITORAPP Application Insight Web Application Firewall (AIWAF) devices with Manager 2.1.0 allows OS Command Injection because of missing input validation on one of the parameters of an HTTP request.
References (3)
Core 3
Core References
Product, Vendor Advisory x_refsource_misc
https://www.monitorapp.com/waf/
Third Party Advisory x_refsource_misc
https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0022/FEYE-2021-0022.md
Third Party Advisory x_refsource_confirm
https://github.com/monitorapp-aicc/report/wiki/CVE-2021-36982
Scores
CVSS v3
8.1
EPSS
0.0092
EPSS Percentile
76.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (1)
monitorapp/application_insight_manager
b107 - b115
Published
Aug 12, 2021
Tracked Since
Feb 18, 2026