
CVE-2021-32682: elFinder before 2.1.59 contains multiple vulnerabilities leading to RCE

CVSS Score (v3.1): 9.8

Basic Information

EPSS Score: 0.99834%
Published: 6/16/2021
Updated: 1/29/2023
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package Name: studio-42/elfinder
Ecosystem: composer
Vulnerable Versions: < 2.1.59
First Patched Version: 2.1.59

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerabilities stemmed from improper input sanitization in the connector functions that handle URLs, file paths, and command arguments. The patch commits explicitly address each issue: SSRF via host validation, command injection via sanitization of archiver command arguments, and path traversal via filename sanitization. The elFinder advisory and the CWE mappings confirm these three vectors (CWE-78 OS command injection, CWE-22 path traversal, CWE-918 SSRF). The high confidence rating is derived from the direct code changes in the fix and the technical analysis in the referenced sources.


WAF Protection Rules

WAF Rule

Impact

We recently fixed several vulnerabilities affecting elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with the minimal configuration.
