4 matches found
CVE-2021-27103
Accellion FTA 912411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA912416 and later...
Cyber Criminals Exploit Accellion FTA for Data Theft and Extortion
Starting in mid-December 2020, malicious actors that Mandiant tracks as UNC2546 exploited multiple zero-day vulnerabilities in Accellion’s legacy File Transfer Appliance FTA to install a newly discovered web shell named DEWMODE. The motivation of UNC2546 was not immediately apparent, but starting...
CVE-2021-27103
creationtimestamp| type| source ---|---|--- 2021-02-17 00:48:04+00:00| seen| https://t.me/cibsecurity/23688 2021-02-23 15:58:16+00:00| seen| MISP/7391b143-ed2a-4938-b1eb-1198b56048a3 2021-07-29 17:59:02+00:00| seen| https://t.me/RussianOSINT/875 2021-10-25 22:32:43+00:00| seen|...
CVE-2021-27103
The CVE-2021-27103 issue affects Accellion FTA prior to FTA_9_12_416, where SSRF is triggered by a crafted POST to wmProgressstat.html. The connected documents provide concrete context: (1) vulnerability stems from server-side request forgery in the Accellion FTA web interface, (2) remediation is...