CVE-2021-38173
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-38173
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
btrbk 命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
btrbk是一个应用软件。 btrfs 子卷的备份工具,利用 btrfs 特定功能创建原子快照并将它们增量传输到您的备份位置。 btrbk存在安全漏洞。由于远程主机使用authorized_keys中ssh_filter_btrbk.sh过滤SSH命令的错误处理,0.31.2之前的Btrbk允许命令执行。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2021-38173
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-38173
请登录查看更多情报信息。
Patches & Fixes for CVE-2021-38173 (1)
Mailing List Discussions for CVE-2021-38173 (3)
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BP2T32JMENJFRP2HWXR7FTTZVRTTPECL/vendor-advisoryx_refsource_FEDORA
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LM7GLTUN5YS4KE2RNBX732EAMVVGNEX3/vendor-advisoryx_refsource_FEDORA
Other References for CVE-2021-38173 (1)
- https://github.com/digint/btrbk/blob/master/ChangeLogx_refsource_CONFIRM
Same Patch Batch · n/a · 2021-08-07 · 12 CVEs total
| CVE-2021-38168 | Roxy-WI SQL注入漏洞 | |
| CVE-2021-38169 | Roxy-WI 命令注入漏洞 | |
| CVE-2021-38167 | Roxy-WI SQL注入漏洞 | |
| CVE-2021-38166 | Linux kernel 输入验证错误漏洞 | |
| CVE-2021-38165 | Lynx 安全漏洞 | |
| CVE-2021-29923 | Google Golang 安全漏洞 | |
| CVE-2021-38159 | Progress Software MOVEit Transfer SQL注入漏洞 | |
| CVE-2021-38160 | Linux kernel 安全漏洞 | |
| CVE-2021-38148 | Obsidian 安全漏洞 | |
| CVE-2021-29922 | Rust 安全漏洞 | |
| CVE-2021-38185 | cpio 输入验证错误漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-10608
DedeCMS carbuyaction.php RemoveXSS sql injection - CVE-2026-10607
DedeCMS flink.php dede_htmlspecialchars sql injection - CVE-2026-10606
DedeCMS Feedback feedback.php TrimMsg sql injection - CVE-2026-10581
DedeCMS download.php base64_decode server-side request forge - CVE-2026-10565
Open5GS NGAP Handover gmm-sm.c gmm_state_security_mode race
V. Comments for CVE-2021-38173
No comments yet