← voltar
CVE-2021-26294exploração observada

CVE-2021-26294

45Vexday Risk Score

Corrija agora. Ela exploração observada pelo VulnCheck e tem exploit funcional público.

ssvc Actepss 17%
da publicação à arma
Publicada no NVD7 de mar.
VulnCheck+1417d
probabilidade de exploração
17%top 3% das CVEs
exploração observada
simVulnCheck
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files (such as a data/settings/settings.xml file containing admin panel credentials), as demonstrated by dav/server.php/files/personal/%2e%2e when using the caldav_public_user account (with caldav_public_user as its password).
Produtos afetados
n/a · n/a