CVE-2021-32682

Exploit

EPSS 93.53%
Veröffentlicht 14.06.2021 17:15:07
Zuletzt bearbeitet 21.11.2024 06:07:31
Quelle security-advisories@github.com
Teams Watchlist Login
Unerledigt Login

elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. The issues were patched in version 2.1.59. As a workaround, ensure the connector is not exposed without authentication.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 3 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Std42 ≫ Elfinder Version < 2.1.59

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	93.53%	0.998

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
security-advisories@github.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CWE-918 Server-Side Request Forgery (SSRF)

The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

https://blog.sonarsource.com/elfinder-case-study-of-web-file-manager-vulnerabilities/

Third Party Advisory

Exploit

http://packetstormsecurity.com/files/164173/elFinder-Archive-Command-Injection.html

Third Party Advisory

Exploit

VDB Entry

https://github.com/Studio-42/elFinder/commit/a106c350b7dfe666a81d6b576816db9fe0899b17

Patch

Third Party Advisory

https://github.com/Studio-42/elFinder/security/advisories/GHSA-wph3-44rj-92pr

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-32682

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-32682

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-32682

EUVD