Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Kramer VIAware RCE (CVE-2021-36356/CVE-2021-35064) - Vulnerability Database

Kramer VIAware RCE (CVE-2021-36356/CVE-2021-35064)

Description

Kramer VIAware allows an unauthenticated user to upload arbitrary files. An attacker can exploit it to achieve remote code execution.

Remediation

Upgrade to the latest version of Kramer VIAware

References

CVE-2021-36356 Detail
CVE-2021-36356 Unauthenticated Remote Code Execution in VIAware

Related Vulnerabilities

DotCMS unrestricted file upload (CVE-2022-26352) High
Common tags: Unauthenticated File Upload Code Execution Known Vulnerabilities
Ektron CMS multiple vulnerabilities High
Common tags: Unauthenticated File Upload Code Execution Known Vulnerabilities
Ektron CMS unauthenticated code execution and Local File Read High
Common tags: Code Execution Known Vulnerabilities
Telerik Web UI Unrestricted File Upload (CVE-2014-2217) High
Common tags: Unauthenticated File Upload Code Execution
Telerik Web UI Unrestricted File Upload (CVE-2017-11317) High
Common tags: Unauthenticated File Upload Code Execution

Severity

Critical

Classification

CVE-2021-36356
CVE-2019-17124
CVE-2021-35064
CWE-434
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Tags

Unauthenticated File Upload
Code Execution
Known Vulnerabilities