CVE-2021-4470 CRITICAL

CVE-2021-4470: TG8 Firewall Unauthenticated RCE via runphpcmd.php

Vendor Tg8
Product TG8 Firewall
Weakness CWE-78
Published November 14, 2025
Last update November 18, 2025

CVSS base score

9.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

TG8 Firewall contains a pre-authentication remote code execution vulnerability in the runphpcmd.php endpoint. The syscmd POST parameter is passed directly to a system command without validation and executed with root privileges. A remote, unauthenticated attacker can supply crafted values to execute arbitrary operating system commands as root, resulting in full device compromise.

Key dates

02Disclosure timeline

November 14, 2025 CVE published
November 18, 2025 Record updated