What is CVE-2021-43421?

CVE-2021-43421 is a vulnerability in N/a. Published 2022-04-07.

Is CVE-2021-43421 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2021-43421

A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code.

EPSS: 0.795 (99.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/kenzer-templates
Yucaerin/laravel

References

github.com/Studio-42/elFinder/issues/3429 (x_refsource_MISC)
twitter.com/infosec_90/status/1455180286354919425 (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-43421?: CVE-2021-43421 is a vulnerability in N/a. Published 2022-04-07.
Is CVE-2021-43421 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.