Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
| Link | Providers |
|---|---|
| http://dixell.com |
|
| http://emerson.com |
|
| https://www.swascan.com/emerson |
|
Sun, 05 Jul 2026 00:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced | Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced. |
Wed, 16 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-05T15:46:06.383Z
Reserved: 2021-12-20T00:00:00.000Z
Link: CVE-2021-45420
No data.
Status : Modified
Published: 2022-02-14T14:15:08.083
Modified: 2026-06-17T04:13:21.373
Link: CVE-2021-45420
No data.
OpenCVE Enrichment
No data.