← back
CVE-2021-43421

CVE-2021-43421

30Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 43%
exploitation probability
43%top 1% of all CVEs
observed exploitation
nono source reports it
A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.
Affected products
n/a · n/a