Critical severity9.8NVD Advisory· Published Nov 24, 2021· Updated Jun 17, 2026
CVE-2021-20850
CVE-2021-20850
Description
PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series (End-of-Life, EOL) allows a remote attacker to execute an arbitrary OS command via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Alfasado Inc./PowerCMS XMLRPC APIv5Range: PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, PowerCMS 2 Series (End-of-Life, EOL)
Patches
Vulnerability mechanics
References
2- www.powercms.jp/news/release-patch-xmlrpc-api-202110.htmlnvdPatchVendor Advisory
- jvn.jp/en/jp/JVN17645965/index.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.