CVE-2021-43421
30Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 43%
exploitation probability
43%top 1% of all CVEs
observed exploitation
nono source reports it
A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.
Affected products
n/a · n/a