CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-42777

Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C# code on any machine that renders a report, including the application server or a user's local machine, as demonstrated by System.Diagnostics.Process.Start.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.4%

CVSS Severity

CVSS v3 Score 9.8

References

http://burninatorsec.blogspot.com/2022/04/library-rce-object-chaining-cve-2021.html
http://burninatorsec.blogspot.com/2022/04/library-rce-object-chaining-cve-2021.html

Products affected by CVE-2021-42777

Stimulsoft » Reports » Version: 2013.1.1600.0

cpe:2.3:a:stimulsoft:reports:2013.1.1600.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42777

Products

Pricing

Contact Us