Rewterz Threat Advisory – CVE-2021-31474 – SolarWinds Network Performance Monitor code execution
May 21, 2021Rewterz Threat Advisory – Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerabilities
May 24, 2021Rewterz Threat Advisory – CVE-2021-31474 – SolarWinds Network Performance Monitor code execution
May 21, 2021Rewterz Threat Advisory – Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerabilities
May 24, 2021Severity
High
Analysis Summary
CVE-2021-31475
SolarWinds Orion Job Scheduler could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in the JobRouterService WCF service. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
Execution of arbitrary code
Affected Vendors
SolarWinds
Affected Products
SolarWinds Orion Job Scheduler
Remediation
Refer to SolarWinds Web site for patch, upgrade or suggested workaround information.