How severe is CVE-2021-28673?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2021-28673?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2021-28673 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

Xerox Phaser 6510 before 64.61.23 and 64.59.11 (Bridge), WorkCentre 6515 before 65.61.23 and 65.59.11 (Bridge), VersaLink B400 before 37.61.23 and 37.59.01 (Bridge), B405 before 38.61.23 and 38.59.01 (Bridge), B600/B610 before 32.61.23 and 32.59.01 (Bridge), B605/B615 before 33.61.23 and 33.59.01 (Bridge), B7025/30/35 before 58.61.23 and 58.59.11 (Bridge), C400 before 67.61.23 and 67.59.01 (Bridge), C405 before 68.61.23 and 68.59.01 (Bridge), C500/C600 before 61.61.23 and 61.59.01 (Bridge), C505/C605 before 62.61.23 and 62.59.11 (Bridge), C7000 before 56.61.23 and 56.59.01 (Bridge), C7020/25/30 before 57.61.23 and 57.59.01 (Bridge), C8000/C9000 before 70.61.23 and 70.59.01 (Bridge), allows remote attackers with "a weaponized clone file" to execute arbitrary commands in the Web User Interface.

Related Vulnerabilities

CVE-1999-0066

CRITICAL

CVSS:9.8(Critical)

AnyForm CGI remote execution.

NVD-CWE-Other1999

CVE-2004-2776

CRITICAL

CVSS:9.8(Critical)

go.cgi in GoScript 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) query string or (2) artarchive parameter.

NVD-CWE-Other2004

CVE-2005-2354

CRITICAL

CVSS:9.8(Critical)

Nvu 0.99+1.0pre uses an old copy of Mozilla XPCOM which can result in multiple security issues.

NVD-CWE-Other2005

CVE-2006-2827

CRITICAL

CVSS:9.8(Critical)

SQL injection vulnerability in search.php in X-Cart Gold and Pro 4.0.18, and X-Cart 4.1.0 beta 1, allows remote attackers to execute arbitrary SQL commands via the "Search for pattern" field, when the...

NVD-CWE-Other2006

CVE-2006-4264

CRITICAL

CVSS:9.8(Critical)

Multiple PHP remote file inclusion vulnerabilities in the lmtg_myhomepage Component (com_lmtg_myhomepage) for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_abso...

NVD-CWE-Other2006

CVE-2006-4428

CRITICAL

CVSS:9.8(Critical)

PHP remote file inclusion vulnerability in index.php in Jupiter CMS 1.1.5 allows remote attackers to execute arbitrary PHP code via a URL in the template parameter. NOTE: CVE disputes this claim, sinc...

NVD-CWE-Other2006