PT-2021-10654 · Emlog · Emlog

Published

2021-10-06

Updated

2021-10-15

CVE-2020-21654

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: emlog version 6.0

Description: The issue is related to a vulnerability in the admintemplate.php component, which can be exploited by attackers to gain access via a crafted Zip file.

Recommendations: For emlog version 6.0, update to a newer version that contains a fix for this issue, or as a temporary workaround, consider restricting access to the admintemplate.php component to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-21654

Affected Products

Emlog

PT-2021-10654 · Emlog · Emlog

CVE-2020-21654

Related Identifiers

Affected Products

References · 3