### [CVE-2021-36100](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36100)
![](https://img.shields.io/static/v1?label=Product&message=((OTRS))%20Community%20Edition&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=OTRS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=OTRSSTORM&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=SystemMonitoring&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=6.0.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=7.0.x%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=8.0.x%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=rce&color=brightgreen)

### Description

Specially crafted string in OTRS system configuration can allow the execution of any system command.

### POC

#### Reference
- https://otrs.com/release-notes/otrs-security-advisory-2022-03/

#### Github
No PoCs found on GitHub currently.