CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-28173

The file upload function of Vangene deltaFlow E-platform does not perform access controlled properly. Remote attackers can upload and execute arbitrary files without login.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 72.3%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://www.chtsecurity.com/news/7f0874b5-516b-4637-842d-b6fb6c335c66
https://www.twcert.org.tw/tw/cp-132-4620-58f9c-1.html
https://www.chtsecurity.com/news/7f0874b5-516b-4637-842d-b6fb6c335c66
https://www.twcert.org.tw/tw/cp-132-4620-58f9c-1.html

Products affected by CVE-2021-28173

Deltaflow Project » Deltaflow » Version: Any

cpe:2.3:a:deltaflow_project:deltaflow:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-28173

Products

Pricing

Contact Us