| |
Vulnerability CVE-2021-45809
Published: 2022-03-22
| Description: |
Multiple versions of GlobalProtect-openconnect are affected by incorrect access control in GPService through DBUS, GUI Application. The way GlobalProtect-Openconnect is set up enables arbitrary users to execute commands as root by submitting the `--script=<script>` parameter. |
References: |
https://github.com/yuezk/GlobalProtect-openconnect/issues/113
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
