VYPR
Medium severity6.5NVD Advisory· Published Jul 13, 2021· Updated Jun 17, 2026

CVE-2021-36123

CVE-2021-36123

Description

An issue was discovered in Echo ShareCare 8.15.5. The TextReader feature in General/TextReader/TextReader.cfm is susceptible to a local file inclusion vulnerability when processing remote input in the textFile parameter from an authenticated user, leading to the ability to read arbitrary files on the server filesystems as well any files accessible via Universal Naming Convention (UNC) paths.

Affected products

2
  • Echo/ShareCaredescription
  • echor/echorllm-fuzzy
    Range: = 8.15.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.