Dream Report ODS Remote Connector privilege escalation vulnerability [CVE-2021-21957]
CVE number = CVE-2021-21957
Dream Report is an automation platform designed to facilitate collection and parsing of real-time information between various devices in industrial environments.
A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0.
A specially-crafted command injection can lead to elevated capabilities.
An attacker can provide a malicious file to trigger this vulnerability.
Tested Versions
Dream Report ODS Remote Connector 20.2.16900.0
Vendor Response
Fixed in Dream Report Remote Connector 20.2.16900.1011
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.