CVE-2021-42171: Unrestricted Upload of File with Dangerous Type

March 14, 2022 (updated May 24, 2022)

Zenario CMS 9.0.54156 is vulnerable to File Upload. The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth.

References

github.com/hieuminhnv/Zenario-CMS-9.0-last-version/issues/2
nvd.nist.gov/vuln/detail/CVE-2021-42171

Detect and mitigate CVE-2021-42171 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →