QSearchQSearch

CVE-2021-39196

7.7 HIGH

pcapture is an open source dumpcap web service interface

Published: 2021-09-07 · Last updated: 2026-06-17

Severity and scoring

CVSS
7.7 HIGH
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CWE
CWE-287, CWE-754

Affected products

VendorProduct
pcapture_projectpcapture

Description

pcapture is an open source dumpcap web service interface . In affected versions this vulnerability allows an authenticated but unprivileged user to use the REST API to capture and download packets with no capture filter and without adequate permissions. This is important because the capture filters can effectively limit the scope of information that a user can see in the data captures. If no filter is present, then all data on the local network segment where the program is running can be captured and downloaded. v3.12 fixes this problem. There is no workaround, you must upgrade to v3.12 or greater.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-48780 Forem is open source software for building communities (8.2 HIGH)
  • CVE-2026-48114 Metacat is data repository software that helps researchers preserve, share, and discover data (9.8 CRITICAL)
  • CVE-2026-12183 Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerabili... (9.8 CRITICAL)
  • CVE-2026-47216 Typesense is a fast, typo-tolerant search engine
  • CVE-2026-50623 An authentication bypass vulnerability exists in the OAuth2 TokenIntrospectionService in Apache CXF (4.8 MEDIUM)