Lucene search

CVE-2021-3378

🗓️ 01 Feb 2021 23:12:15Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 24 Media mentions👁 175 Views🌐 WEB

FortiLogger 4.4.2.2 Arbitrary File Upload via Content-Type header

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 14
Exploit DB	FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload (Metasploit)	1 Mar 202100:00	–	exploitdb
Check Point Advisories	FortiLogger Arbitrary File Upload (CVE-2021-3378)	5 Apr 202100:00	–	checkpoint_advisories
Metasploit	FortiLogger Arbitrary File Upload Exploit	1 Mar 202114:55	–	metasploit
Nuclei	FortiLogger 4.4.2.2 - Arbitrary File Upload	1 Mar 202100:32	–	nuclei
NVD	CVE-2021-3378	1 Feb 202123:15	–	nvd
0day.today	FortiLogger Arbitrary File Upload Exploit	28 Mar 202100:00	–	zdt
0day.today	FortiLogger 4.4.2.2 - Unauthenticated Arbitrary File Upload Exploit	1 Mar 202100:00	–	zdt
GithubExploit	Exploit for Unrestricted Upload of File with Dangerous Type in Fortilogger	30 Jan 202123:47	–	githubexploit
Circl	CVE-2021-3378	1 Mar 202100:00	–	circl
Prion	Design/Logic Flaw	1 Feb 202123:15	–	prion

Nvd

Node

fortilogger fortiloggerRange<5.2.0

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/161601/FortiLogger-4.4.2.2-Arbitrary-File-Upload.html
github	www.github.com/erberkan/fortilogger_arbitrary_fileupload
packetstormsecurity	www.packetstormsecurity.com/files/161974/FortiLogger-Arbitrary-File-Upload.html

Parameter	Position	Path	Description	CWE
file	request body	/Config/SaveUploadedHotspotLogoFile	Arbitrary file upload endpoint that allows uploading files with malicious content.	CWE-434

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

01 Feb 2021 23:15Current

9.2High risk

Vulners AI Score9.2

CVSS27.5

CVSS39.8

EPSS0.91955

CWE-434