Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-46384

https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. The impact is: execute arbitrary code (remote). The attack vector is: ${"freemarker.template.utility.Execute"?new()("calc")}. ¶¶ MCMS has a pre-auth RCE vulnerability through which allows unauthenticated attacker with network access via http to compromise MCMS. Successful attacks of this vulnerability can result in takeover of MCMS.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.097
EPSS Ranking 92.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2021-46384
  • Mingsoft » Mcms » Version: 4.6.3
    cpe:2.3:a:mingsoft:mcms:4.6.3
  • Mingsoft » Mcms » Version: 4.6.4
    cpe:2.3:a:mingsoft:mcms:4.6.4
  • Mingsoft » Mcms » Version: 4.6.5
    cpe:2.3:a:mingsoft:mcms:4.6.5
  • Mingsoft » Mcms » Version: 4.7.0
    cpe:2.3:a:mingsoft:mcms:4.7.0
  • Mingsoft » Mcms » Version: 4.7.1
    cpe:2.3:a:mingsoft:mcms:4.7.1
  • Mingsoft » Mcms » Version: 4.7.2
    cpe:2.3:a:mingsoft:mcms:4.7.2
  • Mingsoft » Mcms » Version: 5.0
    cpe:2.3:a:mingsoft:mcms:5.0
  • Mingsoft » Mcms » Version: 5.1
    cpe:2.3:a:mingsoft:mcms:5.1
  • Mingsoft » Mcms » Version: 5.2
    cpe:2.3:a:mingsoft:mcms:5.2
  • Mingsoft » Mcms » Version: 5.2.1
    cpe:2.3:a:mingsoft:mcms:5.2.1
  • Mingsoft » Mcms » Version: 5.2.2
    cpe:2.3:a:mingsoft:mcms:5.2.2
  • Mingsoft » Mcms » Version: 5.2.3
    cpe:2.3:a:mingsoft:mcms:5.2.3
  • Mingsoft » Mcms » Version: 5.2.4
    cpe:2.3:a:mingsoft:mcms:5.2.4
  • Mingsoft » Mcms » Version: 5.2.5
    cpe:2.3:a:mingsoft:mcms:5.2.5


Products
Pricing
Contact Us

Shodan ® - All rights reserved