CVE-2021-47891 PUBLISHED

Unified Remote 3.9.0.2463 - Remote Code Execution

Assigner: VulnCheck
Reserved: 18.01.2026 Published: 23.01.2026 Updated: 23.01.2026

Unified Remote 3.9.0.2463 contains a remote code execution vulnerability that allows attackers to send crafted network packets to execute arbitrary commands. Attackers can exploit the service by connecting to port 9512 and sending specially crafted packets to open a command prompt and download and execute malicious payloads.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 9.3

Product Status

Vendor Unified Intents AB
Product Unified Remote
Versions
  • Version 3.9.0.2463 is affected

Credits

  • H4rk3nz0 finder

References

Problem Types

  • Missing Authentication for Critical Function CWE