3 matches found
CVE-2021-28154
creationtimestamp| type| source ---|---|--- 2021-03-12 00:54:41+00:00| seen| https://t.me/cibsecurity/24816...
CVE-2021-28154
Camunda Modeler aka camunda-modeler through 4.6.0 allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile and writeFile APIs. NOTE: the vendor states "The way we secured the app is that it...
CVE-2021-28154
Camunda Modeler (aka camunda-modeler) ≤ 4.6.0 is affected by an arbitrary file access flaw in the ipcRenderer interface. A remote attacker can send a crafted IPC message to manipulate readFile and writeFile, potentially exposing partial file contents or allowing unauthorized writes. The issue is ...