Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| http://dixell.com |
|
| http://emerson.com |
|
| https://www.swascan.com/emerson |
|
History
Sun, 05 Jul 2026 00:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced | Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced. |
Wed, 16 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-09T00:16:07.939Z
Reserved: 2021-12-20T00:00:00.000Z
Link: CVE-2021-45420
No data.
Status : Modified
Published: 2022-02-14T14:15:08.083
Modified: 2026-06-17T04:13:21.373
Link: CVE-2021-45420
No data.
OpenCVE Enrichment
No data.