Description
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
No history.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-03T16:53:17.450Z
Reserved: 2021-01-26T00:00:00.000Z
Link: CVE-2021-3317
No data.
Status : Modified
Published: 2021-01-26T23:15:13.047
Modified: 2026-06-17T04:04:55.823
Link: CVE-2021-3317
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')