Critical severity9.8NVD Advisory· Published Mar 5, 2021· Updated Jun 17, 2026
CVE-2021-27964
CVE-2021-27964
Description
SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Config/SaveUploadedHotspotLogoFile without any authentication or session header. There is no check for the file extension or content of the uploaded file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- SonLogger/SonLoggerdescription
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/161793/SonLogger-4.2.3.3-Shell-Upload.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.sonlogger.com/releasenotesnvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.