How severe is CVE-2021-42021?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2021-42021?

This is classified as CWE-26, which is a common weakness in software security.

CVE-2021-42021 - HIGH Severity | CVSS 7.5

Vulnerability Description

A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1), Siveillance Video DLNA Server (2020 R2), Siveillance Video DLNA Server (2020 R3), Siveillance Video DLNA Server (2021 R1). The affected application contains a path traversal vulnerability that could allow to read arbitrary files on the server that are outside the application’s web document directory. An unauthenticated remote attacker could exploit this issue to access sensitive information for subsequent attacks.

Related Vulnerabilities

CVE-2024-31551

HIGH

CVSS:7.5(High)

Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request.

CWE-262024

CVE-2024-25466

HIGH

CVSS:7.3(High)

Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library comp...

CWE-262024

CVE-2024-39673

HIGH

CVSS:7.1(High)

Vulnerability of serialisation/deserialisation mismatch in the iAware module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

CWE-262024

CVE-2021-34762

HIGH

CVSS:8.1(High)

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to perform a directory traversal attack on an af...

CWE-262021

CVE-2024-20345

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the file upload functionality of Cisco AppDynamics Controller could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. This vulner...

CWE-262024

CVE-2024-5865

MEDIUM

CVSS:6.5(Medium)

Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to the path traversal vulnerability allowing arbitrary files reading outside the web publish directory. Vers...

CWE-262024