PT-2021-2476 · Accellion · Accellion Fta

Published: 2021-02-16 · Updated: 2025-11-03 · CVE-2021-27104

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Accellion FTA versions 9 12 370 and earlier

Description

Accellion FTA is affected by OS command injection. An attacker can execute arbitrary commands and gain unauthorized access to protected information by sending specially crafted POST requests to various admin endpoints.

Recommendations

For Accellion FTA versions 9 12 370 and earlier, update to version FTA 9 12 380 or later to resolve the issue. As a temporary workaround, consider restricting access to admin endpoints to minimize the risk of exploitation.

Exploit

Fix

OS Command Injection

Weakness Enumeration

Related Identifiers

BDU:2021-01843
CVE-2021-27104

Affected Products

Accellion Fta