CVE-2021-35261
CVSS V2 None
CVSS V3 None
Description
File Upload Vulnerability in Yupoxion BearAdmin before commit 10176153528b0a914eb4d726e200fd506b73b075 allows attacker to execute arbitrary remote code via the Upfile function of the extend/tools/Ueditor endpoint.
Overview
- CVE ID
- CVE-2021-35261
- Assigner
- cve@mitre.org
- Vulnerability Status
- Analyzed
- Published Version
- 2023-02-17T18:15:11
- Last Modified Date
- 2023-02-28T19:40:49
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:bearadmin_project:bearadmin:-:*:*:*:*:*:*:* | 1 | OR |
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/yupoxiong/BearAdmin/issues/16 | Exploit Issue Tracking |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2021-35261 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35261 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-04-17 07:56:40 | Added to TrackCVE | |||
| 2023-04-17 07:56:42 | Weakness Enumeration | new |