Exposures › CVE-2021-27104
CVE-2021-27104
Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
⚡ RCE
⌖ exploited in the wild
shame 95/100
ransomwarerceexploited-in-wild
Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.
Players implicated
Description
Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.
Sentiment · trusted sources
-
synthesis neutral +0.00No sentiment expressed; sources are technical databases or generic pages without commentary on Accellion's handling.
-
Neutral; technical description only.
“Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints.”
-
Neutral; unrelated CVE page.
“NVD - CVE-2026-56164”
-
Neutral; generic CISA page.
“CISA Adds Four Known Exploited Vulnerabilities to Catalog”
-
Neutral; unrelated SentinelOne page.
“Vulnerability Database | SentinelOne”
-
Neutral; generic CVE database.
“CVE, short for Common Vulnerabilities and Exposures, is a list of publicly disclosed computer security flaws.”
-
Neutral; generic KEV catalog.
“CISA's Known Exploited Vulnerabilities (KEV) catalog is the authoritative list of security flaws that have been confirmed exploited in real-world attacks.”
Affected FedRAMP products 1 in the catalog
| Product | Provider | Status | Match |
|---|---|---|---|
| Kiteworks Federal Cloud | Accellion USA, LLC. | Authorized | vendor-exact · 0.90 |