CVE-2021-25864
40Vexday Risk Score
Patch now. It exploitation observed by VulnCheck and has a working public exploit.
ssvc Actepss 9.3%
from disclosure to weapon
Published on NVDJan 26
VulnCheck+1062d
exploitation probability
9.3%top 5% of all CVEs
observed exploitation
yesVulnCheck
node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.
Affected products
n/a · n/a