logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2021-36356

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2021-36356

Description:
KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). NOTE: this issue exists because of an incomplete fix for CVE-2019-17124.
Last updated date:
04/29/2022

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
05/26/2022
Reference url to background

https://cybersecurity.att.com/blogs/labs-research/rapidly-evolving-iot-malware-enemybot-now-targeting-content-management-system-servers

Type:
exploit
Confidence:
HIGH
Date of publishing:
04/07/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
04/29/2022
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy