Vulnerability Details CVE-2021-42171
Zenario CMS 9.0.54156 is vulnerable to File Upload. The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.171
EPSS Ranking 94.7%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
- http://packetstormsecurity.com/files/166617/Zenario-CMS-9.0.54156-Remote-Code-Execution.html
- https://github.com/hieuminhnv/Zenario-CMS-9.0-last-version/issues/2
- https://minhnq22.medium.com/file-upload-to-rce-on-zenario-9-0-54156-cms-fa05fcc6cf74
- http://packetstormsecurity.com/files/166617/Zenario-CMS-9.0.54156-Remote-Code-Execution.html
- https://github.com/hieuminhnv/Zenario-CMS-9.0-last-version/issues/2
- https://minhnq22.medium.com/file-upload-to-rce-on-zenario-9-0-54156-cms-fa05fcc6cf74
Products affected by CVE-2021-42171
-
cpe:2.3:a:tribalsystems:zenario:9.0.54156