What is CVE-2021-42342?

CVE-2021-42342 is a vulnerability in N/a. Published 2021-10-14.

Is CVE-2021-42342 known to be exploited?

24 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2021-42342

An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. In the file upload filter, user form variables can be passed to CGI scripts without being prefixed with the CGI prefix. This permits tunneling untrusted environment variables int…

EPSS: 0.776 (99.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

kimusan/goahead-webserver-pre-5.1.5-RCE-PoC-CVE-2021-42342-
20142995/nuclei-templates
20142995/pocsuite3
ARPSyndicate/cve-scores
ARPSyndicate/cvemon
Mr-xn/CVE-2021-42342
NaInSec/CVE-PoC-in-GitHub
SYRTI/POC_
Threekiii/Awesome-POC
Threekiii/Vulhub-Reproduce

References

github.com/embedthis/goahead/issues/305 (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-42342?: CVE-2021-42342 is a vulnerability in N/a. Published 2021-10-14.
Is CVE-2021-42342 known to be exploited?: 24 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.