Enhancement: cves/2021/CVE-2021-20837.yaml by mp
parent
9c7bfc43ee
commit
f9b869593f
|
@ -1,11 +1,10 @@
|
|||
id: CVE-2021-20837
|
||||
|
||||
info:
|
||||
name: Unauthenticated RCE In MovableType
|
||||
name: MovableType - Remote Command Injection
|
||||
author: dhiyaneshDK,hackergautam
|
||||
severity: critical
|
||||
description: 5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8. 2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced
|
||||
1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors.
|
||||
description: MovableType 5002 and earlier (Movable Type Advanced 7 Series), Movable Type Advanced 6.8. 2 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.46 and earlier, and Movable Type Premium Advanced 1.46 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors.
|
||||
reference:
|
||||
- https://nemesis.sh/posts/movable-type-0day/
|
||||
- https://github.com/ghost-nemesis/cve-2021-20837-poc
|
||||
|
@ -53,3 +52,5 @@ requests:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
# Enhanced by mp on 2022/05/05
|
||||
|
|
Loading…
Reference in New Issue