← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-36380 — Actively Exploited: SureLine (Sunhillo)

Sunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service or utilize the device for persistence on the network via shell metacharacters in ipAddr or dnsAddr in /cgi/networkDiag.cgi.

CVE IDCVE-2021-36380
VendorSunhillo
ProductSureLine
Vulnerability nameSunhillo SureLine OS Command Injection Vulnerablity
Date added2024-03-05
Remediation due2024-03-26
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionSunhillo SureLine contains an OS command injection vulnerability that allows an attacker to cause a denial-of-service or utilize the device for persistence on the network via shell metacharacters in ipAddr or dnsAddr in /cgi/networkDiag.cgi.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →