CVE-2021-25808: Code Injection
First published: Fri Jul 23 2021(Updated: )
A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Bludit | =3.13.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this code injection vulnerability?
The vulnerability ID for this code injection vulnerability is CVE-2021-25808.
What is the affected software version for this vulnerability?
The affected software version for this vulnerability is Bludit 3.13.1.
What is the severity of CVE-2021-25808?
The severity of CVE-2021-25808 is 7.8 (high).
How can attackers exploit CVE-2021-25808?
Attackers can exploit CVE-2021-25808 by executing arbitrary code via a crafted ZIP file in backup/plugin.php of Bludit 3.13.1.
Is there a fix available for CVE-2021-25808?
Yes, a fix is available for CVE-2021-25808. It is recommended to update to a patched version of Bludit to mitigate the vulnerability.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/bludit
- canonical/bludit
- version/bludit/3.13.1