VYPR

KLC

by Kaseya

CVEs (1)

  • CVE-2021-30121MedJul 9, 2021
    risk 0.43cvss 6.5epss 0.05

    Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: `https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\Kaseya\WebPages\dl.asp` A valid sessionId is required but can be easily obtained via CVE-2021-30118