CVE-2021-36582

More information about this CVE will likely be available in a few days.

Description

In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can be simply triggered by browsing that URL.

Related CPE's

Could not find any relations

References

https://github.com/l00neyhacker/CVE-2021-36582

http://kooboo.com

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io