CVE-2021-29461
Description
### Impact - This issue could be exploited to read internal files from the system and write files into the system resulting in remote code execution ### Patches - This issue has been fixed on 0.0.3 version by adding a regex that validate if there's any arguments on the command. then disallow execution if there's an argument ### Workarounds - To fix this issue from your side, just upgrade discord-recon, if you're unable to do that. then just copy the code from `assets/CommandInjection.py` and overwrite your code with the new one. that's the only code required. ### Credits - All of the credits for finding these issues on discord-recon goes to Omar Badran. ### For more information If you have any questions or comments about this advisory: * Email us at [[email protected]](mailto:[email protected])
References
CvssV3 impact
BaseSeverity | HIGH |
ConfidentialityImpact | HIGH |
AttackComplexity | LOW |
Scope | UNCHANGED |
AttackVector | NETWORK |
AvailabilityImpact | HIGH |
IntegrityImpact | HIGH |
PrivilegesRequired | LOW |
BaseScore | 8.8 |
VectorString | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Version | 3.1 |
UserInteraction | NONE |
CvssV2 impact
AccessComplexity | LOW |
ConfidentialityImpact | COMPLETE |
AvailabilityImpact | COMPLETE |
IntegrityImpact | COMPLETE |
BaseScore | 9 |
VectorString | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Version | 2.0 |
AccessVector | NETWORK |
Authentication | SINGLE |