Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2021-34416

EPSS 1.48% · P81
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-34416

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The network address administrative settings web portal for the Zoom on-premise Meeting Connector before version 4.6.360.20210325, Zoom on-premise Meeting Connector MMR before version 4.6.360.20210325, Zoom on-premise Recording Connector before version 3.8.44.20210326, Zoom on-premise Virtual Room Connector before version 4.4.6752.20210326, and Zoom on-premise Virtual Room Connector Load Balancer before version 2.5.5495.20210326 fails to validate input sent in requests to update the network configuration, which could lead to remote command injection on the on-premise image by the web portal administrators.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
ZOOM on-premise Meeting Connector 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ZOOM on-premise Meeting Connector是美国Zoom(ZOOM)公司的一款会议连接器。 ZOOM on-premise Meeting Connector 存在输入验证错误漏洞,该漏洞源于无法验证发送到更新网络配置的请求中的输入,这可能导致由门户网站管理员对内部部署映像进行远程命令注入。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Zoom On-Premise Meeting Connector Controller, Zoom On-Premise Meeting Connector MMR, Zoom On-Premise Recording Connector, Zoom On-Premise Virtual Room Connector, Zoom On-Premise Virtual Room Connector Load Balancer Zoom on-premise Meeting Connector before version 4.6.360.20210325, Zoom on-premise Meeting Connector MMR before version 4.6.360.20210325, Zoom on-premise Recording Connector before version 3.8.44.20210326, Zoom on-premise Virtual Room Connector before ver -

II. Public POCs for CVE-2021-34416

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-34416

登录查看更多情报信息。

Other References for CVE-2021-34416 (1)

Same Patch Batch · n/a · 2021-09-27 · 56 CVEs total

CVE-2021-361347.4 HIGHOut of bounds write in Netop Vision Pro
CVE-2021-234453.1 LOWCross-site Scripting (XSS)
CVE-2021-0424Mediatek 芯片 缓冲区错误漏洞
CVE-2021-41329Datalust Seq 安全漏洞
CVE-2021-31605Openvpn OpenVPN 命令注入漏洞
CVE-2021-40349e7d Speed Test 路径遍历漏洞
CVE-2021-40981Asus Rog Armory Crate 代码问题漏洞
CVE-2021-40103PortlandLabs Concrete Cms 路径遍历漏洞
CVE-2021-0421Mediatek 芯片 安全漏洞
CVE-2021-0422Mediatek 芯片 缓冲区错误漏洞
CVE-2021-0423Mediatek 芯片 安全漏洞
CVE-2021-40097PortlandLabs Concrete Cms 路径遍历漏洞
CVE-2021-0425Mediatek 芯片 安全漏洞
CVE-2021-0610Mediatek 芯片 输入验证错误漏洞
CVE-2021-0611Mediatek 芯片 资源管理错误漏洞
CVE-2021-0612Mediatek 芯片 资源管理错误漏洞
CVE-2021-0660Mediatek 芯片 缓冲区错误漏洞
CVE-2021-40104PortlandLabs Concrete CMS 安全漏洞
CVE-2021-40105PortlandLabs Concrete Cms 跨站脚本漏洞
CVE-2021-40106PortlandLabs Concrete Cms 跨站脚本漏洞

Showing top 20 of 56 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Zoom On-Premise Meeting Connector Controller, Zoom On-Premise Meeting Connector MMR, Zoom On-Premise Recording Connector, Zoom On-Premise Virtual Room Connector, Zoom On-Premise Virtual Room Connector Load Balancer
Same vendor: n/a

V. Comments for CVE-2021-34416

No comments yet

Leave a comment