CVE-2021-32172

Critical

Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin.

mitre·CWE-862·Published 2021-10-07

CVSS

9.8

EPSS

0.66

KEV

Exploits

cve.orgen

137 chars

Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin.

NVDen

137 chars

Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken access control issue in the Elfinder plugin.

NVDes

158 chars

Maian Cart versión v3.8, contiene una explotación de ejecución de código remota (RCE) por medio de un problema de control de acceso roto en el plugin Elfinder

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H