CVE-2021-3797
9.8 CRITICALhestiacp is vulnerable to Use of Wrong Operator in String Comparison
Published: 2021-09-15 · Last updated: 2026-06-17
Severity and scoring
- CVSS
- 9.8 CRITICAL
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-597
Affected products
| Vendor | Product |
|---|---|
| hestiacp | control_panel |
Description
hestiacp is vulnerable to Use of Wrong Operator in String Comparison
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2021-3797
- [Patch]https://github.com/hestiacp/hestiacp/commit/fc68baff4f94b59e38316f886d0ce47d337042f7
- [Patch]https://huntr.dev/bounties/c24fb15c-3c84-45c8-af04-a660f8da388f
- [Patch]https://github.com/hestiacp/hestiacp/commit/fc68baff4f94b59e38316f886d0ce47d337042f7
- [Patch]https://huntr.dev/bounties/c24fb15c-3c84-45c8-af04-a660f8da388f