{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T22:58:35.344","vulnerabilities":[{"cve":{"id":"CVE-2021-37913","sourceIdentifier":"twcert@cert.org.tw","published":"2021-09-15T19:15:10.000","lastModified":"2024-11-21T06:16:02.550","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in."},{"lang":"es","value":"El portal móvil HGiga OAKlouds no filtra los caracteres especiales del parámetro Gateway IPv6 de la página de configuración de la tarjeta de interfaz de red. Los atacantes remotos pueden utilizar esta vulnerabilidad para llevar a cabo la inyección de comandos y ejecutar comandos arbitrarios en el sistema sin iniciar sesión"}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hgiga:oaklouds_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0","versionEndIncluding":"2.0-2","matchCriteriaId":"C1BA8E57-6195-41A6-8199-E00940A63CF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:hgiga:oaklouds_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndIncluding":"3.0-2","matchCriteriaId":"15EEE996-227C-4175-84D4-575D756665DA"}]}]}],"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-5092-f88e2-1.html","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-5092-f88e2-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}