Exposures › CVE-2021-27104

CVE-2021-27104

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⚡ RCE ⌖ exploited in the wild shame 95/100 ransomwarerceexploited-in-wild

Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.

Players implicated

Description

Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.

Sentiment · trusted sources

  • synthesis neutral +0.00
    No sentiment expressed; sources are technical databases or generic pages without commentary on Accellion's handling.
  • cooey ↗ neutral +0.00
    Neutral; technical description only.
    “Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.”
  • NVD ↗ neutral +0.00
    Neutral; unrelated CVE page.
    “NVD - CVE-2026-56164”
  • CISA ↗ neutral +0.00
    Neutral; generic CISA page.
    “CISA Adds Four Known Exploited Vulnerabilities to Catalog”
  • SentinelOne ↗ neutral +0.00
    Neutral; unrelated SentinelOne page.
    “Vulnerability Database | SentinelOne”
  • www.cvefind.com ↗ neutral +0.00
    Neutral; generic CVE database.
    “CVE, short for Common Vulnerabilities and Exposures, is a list of publicly disclosed computer security flaws.”
  • cvefeed.io ↗ neutral +0.00
    Neutral; generic KEV catalog.
    “CISA's Known Exploited Vulnerabilities (KEV) catalog is the authoritative list of security flaws that have been confirmed exploited in real-world attacks.”

Affected FedRAMP products 1 in the catalog

ProductProviderStatusMatch
Kiteworks Federal Cloud Accellion USA, LLC. Authorized vendor-exact · 0.90