CVE-2021-46384
CVSS v3.1
9.8 (Critical)
CVSS v2.0
7.5 (High)
EPSS
0.23 % (61th)
Affected Products
1
Advisories
1
https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: RCE. The impact is: execute arbitrary code (remote). The attack vector is: ${"freemarker.template.utility.Execute"?new()("calc")}. ¶¶ MCMS has a pre-auth RCE vulnerability through which allows unauthenticated attacker with network access via http to compromise MCMS. Successful attacks of this vulnerability can result in takeover of MCMS.
Weaknesses
- CWE-306
- Missing Authentication for Critical Function
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2022-03-04 22:15:19
(2 years ago) - Updated Date
-
2022-07-12 17:42:04
(2 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...