CVE-2021-4470

TG8 Firewall Unauthenticated RCE via runphpcmd.php

Description

TG8 Firewall contains a pre-authentication remote code execution vulnerability in the runphpcmd.php endpoint. The syscmd POST parameter is passed directly to a system command without validation and executed with root privileges. A remote, unauthenticated attacker can supply crafted values to execute arbitrary operating system commands as root, resulting in full device compromise.

INFO

Published Date :

2025-11-14T22:50:45.716Z

Last Modified :

2025-11-18T16:20:30.649Z

Source :

VulnCheck

AFFECTED PRODUCTS

The following products are affected by CVE-2021-4470 vulnerability.

Vendors	Products
Tg8	Tg8 Firewall
Togrow	Tg8 Firewall

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2021-4470.

URL	Resource
https://ssd-disclosure.com/ssd-advisory-tg8-firewall-preauth-rce-and-password-disclosure/
https://web.archive.org/web/20211024224240/http://www.tg8security.com/
https://www.vulncheck.com/advisories/tg8-firewall-unauthenticated-rce-via-runphpcmd-php

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability