CVE-2021-40222

EPSS 8.05% · P92 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-40222

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Rittal CMC PU III Web management Version affected: V3.11.00_2. Version fixed: V3.17.10 is affected by a remote code execution vulnerablity. It is possible to introduce shell code to create a reverse shell in the PU-Hostname field of the TCP/IP Configuration dialog. Web application fails to sanitize user input on Network TCP/IP configuration page. This allows the attacker to inject commands as root on the device which will be executed once the data is received.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Rittal CMC PU III 操作系统命令注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Rittal CMC PU III是德国威图（Rittal）公司的一个监控系统。 Rittal CMC PU III Web management V3.11.00_2版本存在安全漏洞，该漏洞源于Web应用程序无法清理网络TCP/IP配置页上的用户输入。攻击者可利用该漏洞在TCP/IP配置对话框的PU主机名字段中引入shell代码来创建反向shell,以root用户身份在设备上插入命令，一旦收到数据就会执行这些命令。该问题已在V3.17.10版本修复

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-40222

#	POC Description	Source Link	Shenlong Link
1	Remote Code Execution at Rittal	https://github.com/asang17/CVE-2021-40222	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-40222

请登录查看更多情报信息。

https://github.com/asang17/CVE-2021-RCEx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2021-40222

Same Patch Batch · n/a · 2021-09-09 · 49 CVEs total

CVE-2020-19515		qdPM 跨站脚本漏洞
CVE-2021-38725		FUEL-CMS 访问控制错误漏洞
CVE-2020-19143		Silicon Graphics LibTIFF 缓冲区错误漏洞
CVE-2021-20118		Tenable Network Security Nessus 输入验证错误漏洞
CVE-2021-20117		Tenable Network Security Nessus 输入验证错误漏洞
CVE-2021-38408		Advantech WebAccess 缓冲区错误漏洞
CVE-2021-40223		Rittal CMC PU III 跨站脚本漏洞
CVE-2021-39296		OpenBMC 授权问题漏洞
CVE-2021-39458		Yakamara Media Redaxo CMS 安全漏洞
CVE-2021-38721		FUEL CMS 跨站请求伪造漏洞
CVE-2021-38723		FUEL CMS SQL注入漏洞
CVE-2021-32484		Mediatek 芯片安全漏洞
CVE-2021-32485		Mediatek 芯片缓冲区错误漏洞
CVE-2021-32486		Mediatek 芯片安全漏洞
CVE-2021-32487		Mediatek 芯片安全漏洞
CVE-2021-38727		FUEL CMS SQL注入漏洞
CVE-2021-40284		D-Link DSL-3782 安全漏洞
CVE-2021-28909		BAB TECHNOLOGIE GmbH eibPort 安全漏洞
CVE-2021-28910		Bab Technologie Gmbh BAB TECHNOLOGIE GmbH eibPort 安全漏洞
CVE-2020-19263		MipCMS 安全漏洞

Showing top 20 of 49 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-40222

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-40222

I. Basic Information for CVE-2021-40222

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-40222

III. Intelligence Information for CVE-2021-40222

Same Patch Batch · n/a · 2021-09-09 · 49 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-40222

Leave a comment