First published: Fri Feb 04 2022(Updated: )
In iCMS <=8.0.0, a directory traversal vulnerability allows an attacker to read arbitrary files.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
idreamsoft iCMS | <=8.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for the iCMS directory traversal vulnerability is CVE-2021-44977.
The severity of CVE-2021-44977 is high with a CVSS score of 7.5.
The affected software for CVE-2021-44977 is iCMS <=8.0.0.
The directory traversal vulnerability in iCMS <=8.0.0 allows an attacker to read arbitrary files by bypassing directory restrictions and accessing files outside of the intended directory.
At the moment, there is no official fix available for CVE-2021-44977. It is recommended to update to a patched version when it becomes available or apply any suggested mitigations.