CVE-2021-27984: Malicious File Upload
First published: Fri Dec 10 2021(Updated: )
In Pluck-4.7.15 admin background a remote command execution vulnerability exists when uploading files.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Pluck CMS | =4.7.15 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the Pluck CMS remote command execution vulnerability?
The vulnerability ID for the Pluck CMS remote command execution vulnerability is CVE-2021-27984.
What is the severity of CVE-2021-27984?
The severity of CVE-2021-27984 is high with a CVSS score of 8.1.
How does the Pluck CMS remote command execution vulnerability occur?
The Pluck CMS remote command execution vulnerability occurs when uploading files in the admin background.
What is the affected version of Pluck CMS?
The affected version of Pluck CMS is 4.7.15.
Is there a fix available for CVE-2021-27984?
Yes, a fix is available for CVE-2021-27984. It is recommended to update to a patched version of Pluck CMS.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/author
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/pluck-cms
- canonical/pluck cms
- version/pluck cms/4.7.15