CVE-2021-42852

A command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execute operating system commands by sending a crafted packet to the device. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt