CVE-2021-21433: Remote code execution on discord-recon .dirsearch and .arjun commands due to improper input validation
First published: Fri Apr 09 2021(Updated: )
Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Remote code execution in version 0.0.1 would allow remote users to execute commands on the server resulting in serious issues. This flaw is patched in 0.0.2.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Discord | <0.0.2 | |
| Discord | <0.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-21433?
CVE-2021-21433 has a high severity rating due to the potential for remote code execution.
How do I fix CVE-2021-21433?
To fix CVE-2021-21433, upgrade to Discord Recon version 0.0.2 or later.
What does CVE-2021-21433 affect?
CVE-2021-21433 affects the Discord Recon Server bot versions prior to 0.0.2.
What are the risks associated with CVE-2021-21433?
CVE-2021-21433 can allow remote users to execute arbitrary commands on the server, posing serious security risks.
Is CVE-2021-21433 still a threat if I update my software?
No, updating to version 0.0.2 or later mitigates the threat posed by CVE-2021-21433.
- agent/weakness
- agent/type
- agent/remedy
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/event
- agent/source
- agent/author
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/discord-recon project
- canonical/discord
- vendor/demon1a