CVE-2021-43523

EPSS 2.89% · P86 Updated May 06, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-43523

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames (leading to domain hijacking) or injection into applications (leading to remote code execution, XSS, applications crashes, etc.). In other words, a validation step, which is expected in any stub resolver, does not occur.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

uclibc-ng 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

uclibc-ng是一个应用系统。用于Linux的小型C库。 uClibc 和 uClibc-ng 1.0.39 之前的版本中存在安全漏洞，该漏洞源于 DNS 服务器通过 gethostbyname、getaddrinfo、gethostbyaddr 和 getnameinfo 返回的域名中的特殊字符处理不当，导致输出错误的主机名（导致域劫持）或注入应用程序（导致远程代码执行、XSS、应用程序崩溃等）。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-43523

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-43523

请登录查看更多情报信息。

https://uclibc-ng.org/x_refsource_MISC
https://github.com/wbx-github/uclibc-ng/commit/0f822af0445e5348ce7b7bd8ce1204244f31d174x_refsource_MISC
https://www.openwall.com/lists/oss-security/2021/11/09/1x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2021-43523

Same Patch Batch · n/a · 2021-11-10 · 54 CVEs total

CVE-2021-42111	5.5 MEDIUM	Rcdevs OpenOtp Ios Mobile Application 安全漏洞
CVE-2021-32022		BlackBerry UEM 安全漏洞
CVE-2021-39474		Connect Box EuroDOCSIS 3.0 Voice Gateway 操作系统命令注入漏洞
CVE-2021-41427		Beeline Smart Box 跨站脚本漏洞
CVE-2021-43562		TYPO3 代码问题漏洞
CVE-2021-43563		TYPO3 安全漏洞
CVE-2021-43564		TYPO3 信息泄露漏洞
CVE-2021-43561		TYPO3 跨站脚本漏洞
CVE-2020-28137		Genexis Platinum 4410 跨站请求伪造漏洞
CVE-2021-3380		ICREM H8 SSRMS 安全漏洞
CVE-2021-32021		BlackBerry UEM 安全漏洞
CVE-2021-40520		Airangel Hsmx Gateway 安全漏洞
CVE-2021-32023		Blackberry Workspaces Server 安全漏洞
CVE-2021-22048		VMware vCenter Server 权限许可和访问控制问题漏洞
CVE-2021-3572		pip 输入验证错误漏洞
CVE-2020-23873		Pdf2xml 缓冲区错误漏洞
CVE-2020-23872		Pdf2xml 代码问题漏洞
CVE-2020-23874		Pdf2xml 缓冲区错误漏洞
CVE-2020-23877		pdf2xml 缓冲区错误漏洞
CVE-2020-23876		Pdf2xml 安全漏洞

Showing top 20 of 54 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-43523

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-43523

I. Basic Information for CVE-2021-43523

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-43523

III. Intelligence Information for CVE-2021-43523

Same Patch Batch · n/a · 2021-11-10 · 54 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-43523

Leave a comment