Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:9 p.m.7 views

CVE-2021-25864

node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file...

7.5CVSS6.8AI score0.09331EPSS
Exploits1References1
Circl
Circl
added 2023/04/27 9:58 a.m.7 views

CVE-2021-25864

creationtimestamp| type| source ---|---|--- 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-25864.yaml 2026-06-23 14:06:19+00:00| exploited|...

7.5CVSS7.1AI score0.09331EPSS
Exploits1References3
NVD
NVD
added 2021/01/26 6:16 p.m.29 views

CVE-2021-25864

node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file...

7.5CVSS7.5AI score0.09331EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/01/26 7:9 a.m.29 views

CVE-2021-25864

node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file...

7.9AI score0.09331EPSS
Exploits1References1
CVE
CVE
added 2021/01/26 7:9 a.m.76 views

CVE-2021-25864

Hue Magic 3.0.0 is vulnerable to local file inclusion via the res.sendFile API in hue-magic.js, allowing an attacker to fetch arbitrary files on the server. This CVE (CVE-2021-25864) is documented in multiple sources (including a Nuclei template and advisories) as an LFI with potential to expose ...

7.5CVSS7.6AI score0.09331EPSS
In wildExploits1References1Affected Software1
Rows per page
Query Builder