Critical severityNVD Advisory· Published Mar 14, 2022· Updated Aug 4, 2024
CVE-2021-42171
CVE-2021-42171
Description
Zenario CMS 9.0.54156 is vulnerable to File Upload. The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tribalsystems/zenarioPackagist | < 9.0.55143 | 9.0.55143 |
Affected products
2- Zenario CMS/Zenario CMSdescription
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-rgg3-3wh7-w935ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-42171ghsaADVISORY
- packetstormsecurity.com/files/166617/Zenario-CMS-9.0.54156-Remote-Code-Execution.htmlghsax_refsource_MISCWEB
- github.com/TribalSystems/Zenario/commit/4566d8a9ac6755f098b3373252fdb17754a77007ghsaWEB
- github.com/TribalSystems/Zenario/releases/tag/9.0.55141ghsaWEB
- github.com/hieuminhnv/Zenario-CMS-9.0-last-version/issues/2ghsax_refsource_MISCWEB
- minhnq22.medium.com/file-upload-to-rce-on-zenario-9-0-54156-cms-fa05fcc6cf74ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.