VYPR

TALOS-2021-1366

by Talos Intelligence

CVEs (6)

  • CVE-2021-21898 | High | Nov 19, 2021
    risk 0.57 | cvss 8.8 | epss 0.03

    A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2021-21813 | High | Aug 13, 2021
    risk 0.51 | cvss 7.8 | epss 0.00

    Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy, copying the path provided by the user into a statically sized buffer without any length checks, resulting in a…

  • CVE-2021-21934 | Medium | Dec 22, 2021
    risk 0.42 | cvss 6.5 | epss 0.01

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘imei_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.

  • CVE-2021-21931 | Medium | Dec 22, 2021
    risk 0.42 | cvss 6.5 | epss 0.01

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at the ‘stat_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.

  • CVE-2021-21926 | Medium | Dec 22, 2021
    risk 0.42 | cvss 6.5 | epss 0.01

    A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at ‘health_filter’ parameter.

  • CVE-2021-21908 | Medium | Dec 22, 2021
    risk 0.42 | cvss 6.5 | epss 0.01

    Specially-crafted command line arguments can lead to arbitrary file deletion. The handle_delete function does not attempt to sanitize or otherwise validate the contents of the [file] parameter (passed to the function as argv[1]), allowing an authenticated attacker to supply…