COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2021-45834

CVE-2021-45834

Severity
critical
Source
NVD · cve
Published
2022-03-18
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-45834
⚡ RCE shame 50/100 rce

An attacker can upload or transfer files of dangerous types to the OpenDocMan 1.4.4 portal via add.php using MIME-bypass, which may be automatically processed within the product's environment or lead to arbitrary code execution.

Players implicated

opendocman · vendoropendocman · product

Description

An attacker can upload or transfer files of dangerous types to the OpenDocMan 1.4.4 portal via add.php using MIME-bypass, which may be automatically processed within the product's environment or lead to arbitrary code execution.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.