CVE-2021-26642

When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=67125	Third Party Advisory
https://boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=67125	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:xpressengine:xpressengine:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:56

Type	Values Removed	Values Added
Summary		(es) Al cargar un archivo de imagen en un tablero de anuncios desarrollado con XpressEngine, se presenta una vulnerabilidad en la que se puede cargar un archivo arbitrario debido a una verificación insuficiente del archivo. Un atacante remoto puede utilizar esta vulnerabilidad para ejecutar código arbitrario en el servidor donde se ejecuta el tablón de anuncios.
References	~~() https://boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=67125 - Third Party Advisory~~	() https://boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=67125 - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~9.8~~	v2 : unknown v3 : 8.8

Information

Published : 2023-01-20 17:15

Updated : 2024-11-21 05:56

NVD link : CVE-2021-26642

Mitre link : CVE-2021-26642

CVE.ORG link : CVE-2021-26642

JSON object : View

Products Affected

microsoft

windows

xpressengine

xpressengine

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

{"id": "CVE-2021-26642", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "vuln@krcert.or.kr", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2023-01-20T17:15:10.300", "references": [{"url": "https://boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=67125", "tags": ["Third Party Advisory"], "source": "vuln@krcert.or.kr"}, {"url": "https://boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=67125", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "vuln@krcert.or.kr", "description": [{"lang": "en", "value": "CWE-434"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running."}, {"lang": "es", "value": "Al cargar un archivo de imagen en un tablero de anuncios desarrollado con XpressEngine, se presenta una vulnerabilidad en la que se puede cargar un archivo arbitrario debido a una verificaci\u00f3n insuficiente del archivo. Un atacante remoto puede utilizar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el servidor donde se ejecuta el tabl\u00f3n de anuncios."}], "lastModified": "2024-11-21T05:56:38.840", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:xpressengine:xpressengine:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7B83BE4-8720-4FAE-BBD5-C2C2F5BC0F1E", "versionEndExcluding": "3.0.14"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "vuln@krcert.or.kr"}