CVE-2021-47747 HIGH

CVE-2021-47747: meterN 1.2.3 Authenticated Remote Code Execution via Admin Scripts

Vendor Metern

Product meterN

Weakness CWE-78

Published December 31, 2025

Last update April 7, 2026

View on NVD All CVEs

CVSS base score

8.6/10

Attack vector Network

Attack complexity Low

Privileges required High

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

meterN 1.2.3 contains an authenticated remote code execution vulnerability in admin_meter2.php and admin_indicator2.php scripts. Attackers can exploit the 'COMMANDx' and 'LIVECOMMANDx' POST parameters to execute arbitrary system commands with administrative privileges.

Key dates

02Disclosure timeline

December 31, 2025 CVE published

April 7, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-47747

Related vulnerabilities

CVE-2021-47747: meterN 1.2.3 Authenticated Remote Code Execution via Admin Scripts

01Description

02Disclosure timeline

03References

04Related CVE