PatchSiren

Liman Central Management System CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Liman Central Management System CVE published 2023-03-01

CVE-2021-3855

A command injection vulnerability in Liman Central Management System (Port MYS) allows authenticated attackers to execute arbitrary commands. The flaw exists in HTTP/Controllers, CronMail, and Jobs modules. Affected versions span 1.7.0 through 1.8.3-462. The vulnerability was disclosed in March 2023 with a CVSS 3.1 score of 8.8 (High severity).