mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-10 03:37:37 +02:00
0xMarcio
995 B
995 B
CVE-2021-3485
Description
An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.155.
POC
Reference
- https://herolab.usd.de/security-advisories/usd-2021-0014/
- https://herolab.usd.de/security-advisories/usd-2021-0014/
Github
No PoCs found on GitHub currently.