EUVD-2021-23990

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Altova MobileTogether Server before 7.3 SP1 is vulnerable to XXE attacks exposing sensitive data

Reporter	Title	Published	Views	Family All 12
0day.today	Altova MobileTogether Server 7.3 - XML External Entity Injection Vulnerability	12 Aug 202100:00	–	zdt
CNNVD	Altova MobileTogether Server 代码问题漏洞	10 Aug 202100:00	–	cnnvd
CVE	CVE-2021-37425	10 Aug 202121:16	–	cve
Cvelist	CVE-2021-37425	10 Aug 202121:16	–	cvelist
Exploit DB	Altova MobileTogether Server 7.3 - XML External Entity Injection (XXE)	12 Aug 202100:00	–	exploitdb
NVD	CVE-2021-37425	10 Aug 202122:15	–	nvd
OSV	CVE-2021-37425	10 Aug 202122:15	–	osv
Packet Storm	MobileTogether Server 7.3 XML Injection	10 Aug 202100:00	–	packetstorm
Prion	Design/Logic Flaw	10 Aug 202122:15	–	prion
Prion	Privilege escalation	10 Aug 202122:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "d27570b2-b176-32f7-b951-48341ff4b735",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "2056ba38-55d5-3722-b7a6-a84f878158d9",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2021-37425
redteam-pentesting	www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses
redteam-pentesting	www.redteam-pentesting.de/advisories/rt-sa-2021-002
altova	www.altova.com/mobiletogether
seclists	www.seclists.org/fulldisclosure/2021/Aug/12
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

7.8High risk

Vulners AI Score7.8

CVSS 3.19.1

CVSS 26.4

EPSS0.08684