CVE-2021-42538

8.0 HIGH

The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input

Published: 2021-10-22 · Last updated: 2026-06-17

Severity and scoring

Vendor	Product
emerson	wireless_1410_gateway_firmware, wireless_1410d_gateway_firmware, wireless_1420_gateway_firmware

The affected product is vulnerable to a parameter injection via passphrase, which enables the attacker to supply uncontrolled input.

Source: NVD

Same vendor

CVE-2021-42542 — The affected product is vulnerable to directory traversal due to mishandling of provided backup folder structure (8.0 HIGH)
CVE-2021-42540 — The affected product is vulnerable to a unsanitized extract folder for system configuration (8.0 HIGH)
CVE-2021-42539 — The affected product is vulnerable to a missing permission validation on system backup restore, which could lead to account take over and... (8.0 HIGH)
CVE-2021-42536 — The affected product is vulnerable to a disclosure of peer username and password by allowing all users access to read global variables (8.0 HIGH)
CVE-2021-38485 — The affected product is vulnerable to improper input validation in the restore file (8.0 HIGH)

Same CWE

CVE-2026-22313 — The device has a webserver that exposes a REST API authenticated with a token on the management network (9.1 CRITICAL)
CVE-2026-44932 — Passing of unsanitized strings from DHCP replies into the wicked dhcp client before wicked 0.6.79 could be used by attackers operating a ... (8.8 HIGH)
CVE-2024-24909 — Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin (8.8 HIGH)
CVE-2026-12398 — A command injection vulnerability was found in galaxy_ng (7.5 HIGH)
CVE-2026-5416 — Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can exploit a command in... (8.8 HIGH)