CVE-2021-20721: Malicious File Upload
First published: Thu May 20 2021(Updated: )
KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Kujirahand Konawiki | <2.2.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this security issue?
The vulnerability ID for this security issue is CVE-2021-20721.
What is the severity level of CVE-2021-20721?
The severity level of CVE-2021-20721 is critical.
How does CVE-2021-20721 impact the affected software?
CVE-2021-20721 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.
Which versions of KonaWiki2 are affected by CVE-2021-20721?
KonaWiki2 versions prior to 2.2.4 are affected by CVE-2021-20721.
Is there a fix available for CVE-2021-20721?
Yes, updating to version 2.2.4 or newer of KonaWiki2 will fix the vulnerability.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- vendor/kujirahand
- canonical/kujirahand konawiki