Unrated severityNVD Advisory· Published Aug 18, 2021· Updated Aug 4, 2024
Arbitrary file upload vulnerability in OFBiz
CVE-2021-37608
Description
Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands. This issue affects Apache OFBiz version 17.12.07 and prior versions. Upgrade to at least 17.12.08 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12297.
Affected products
1- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
18- lists.apache.org/thread.html/r164c91c47d638869c38e41b3ce501ecaa71f385939f098b2e04df049%40%3Cnotifications.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/r21f76ccb0fca2e2b236328d91b9d4b760352fae6293d5275f1c25a3a%40%3Cnotifications.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/r23d04e9c477c3547f6cc87f11626899617927053bbac15b72645ac7b%40%3Ccommits.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/r3f1046dccb61568ca8d871f4527f274b2a531e0865fbe2c9afbfecce%40%3Cnotifications.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/r5899ec8324d961863e162b75679309ba4ebe9dbd79cd28edbaafcdca%40%3Ccommits.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/r5b7e87f970d678f819263b35b7179f0d979f5c0f716d789aec6536f9%40%3Ccommits.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/r8d824c1491f552da820ef181b7b2d0541410b3a8748b7906265bbb03%40%3Cnotifications.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/ra582196fe06566ac4dbd896223f58c379cdb38088df95def41517422%40%3Cnotifications.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/radf6d421ec20c9e6d738155d380514f9ba1c9386c5500bda2c9429aa%40%3Ccommits.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/rae6c5ec2c5fc00cbc75612ab6d94a8cc0d02603228cab6316f2b858e%40%3Ccommits.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/rb4024165b7ef0428761aa0c334d44bf8bd05b533310589ee30e3b6e1%40%3Ccommits.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/rc40120f33e38f51fc1036c6572094d44cb19d73aa8d40142165ed92d%40%3Cnotifications.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/rca5b167748f0d04816747d68c4ceb7afff9b7b7556211793847d3382%40%3Cnotifications.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/rd7d60e3276b8a9a106a6b057d3976fe123beff6c47c17ba5b3090140%40%3Cnotifications.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/rdfab8e1df42888416e2705acc86b32e1ea0a03a131ed3ea4ff38f4af%40%3Cnotifications.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/re438aa1054c22eb65f2a047c337259e3b421a30b4ef11afb28c36b93%40%3Cnotifications.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- lists.apache.org/thread.html/rfd639ca63c8a80534b65623d9c6068859d17e2dfaaeb00a24e9fec9c%40%3Cnotifications.ofbiz.apache.org%3Emitremailing-listx_refsource_MLIST
- ofbiz.apache.org/security.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.