Critical severityNVD Advisory· Published Jul 16, 2022· Updated Aug 4, 2024
CVE-2021-36711
CVE-2021-36711
Description
WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
OctoBotPyPI | < 0.4.4 | 0.4.4 |
Affected products
2- OctoBot/WebInterfacedescription
Patches
Vulnerability mechanics
References
10- github.com/advisories/GHSA-fr75-x856-q6j8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-36711ghsaADVISORY
- packetstormsecurity.com/files/167780/OctoBot-WebInterface-0.4.3-Remote-Code-Execution.htmlghsax_refsource_MISCWEB
- github.com/Drakkar-Software/OctoBot/blob/master/CHANGELOG.mdghsax_refsource_MISCWEB
- github.com/Drakkar-Software/OctoBot/blob/master/CHANGELOG.mdghsaWEB
- github.com/Drakkar-Software/OctoBot/issues/1966ghsax_refsource_MISCWEB
- github.com/pypa/advisory-database/tree/main/vulns/octobot/PYSEC-2022-235.yamlghsaWEB
- packetstormsecurity.com/files/167721/Sashimi-Evil-OctoBot-Tentacle.htmlghsax_refsource_MISCWEB
- www.octobot.onlineghsaWEB
- www.octobot.onlinemitrex_refsource_MISC
News mentions
0No linked articles in our index yet.