CVE-2021-21363

MEDIUM

swagger-codegen < 2.4.19 - Local Privilege Escalation via Temporary Directory Race Condition

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-21363. PoCs published by dawetmaster, andikahilmy.

AI-analyzed exploit summary This repository contains a vulnerable version of Swagger Codegen (CVE-2021-21363), which is susceptible to arbitrary code execution during code generation. The repository includes build scripts and configuration files to reproduce the vulnerability.

Description

swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. This vulnerability is local privilege escalation because the contents of the `outputFolder` can be appended to by an attacker. As such, code written to this directory, when executed can be attacker controlled. For more details refer to the referenced GitHub Security Advisory. This vulnerability is fixed in version 2.4.19. Note this is a distinct vulnerability from CVE-2021-21364.

Exploits (2)

nomisec WORKING POC

by dawetmaster · poc

https://github.com/dawetmaster/CVE-2021-21363-swagger-codegen-vulnerable

View Code ZIP pw:eip

This repository contains a vulnerable version of Swagger Codegen (CVE-2021-21363), which is susceptible to arbitrary code execution during code generation. The repository includes build scripts and configuration files to reproduce the vulnerability.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Swagger Codegen

No auth needed

Prerequisites: Vulnerable version of Swagger Codegen · Ability to trigger code generation with malicious input

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Mar 14, 2026 Full analysis →

nomisec WORKING POC

by andikahilmy · poc

https://github.com/andikahilmy/CVE-2021-21363-swagger-codegen-vulnerable

View Code ZIP pw:eip

This repository contains a vulnerable version of Swagger Codegen (CVE-2021-21363) with multiple language-specific scripts to generate and test petstore samples. The presence of build scripts and CI configurations suggests it is a functional exploit environment for demonstrating the vulnerability.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Swagger Codegen < 3.0.23

No auth needed

Prerequisites: Access to a vulnerable Swagger Codegen instance · Ability to provide malicious input to the code generation process

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory x_refsource_confirm

https://github.com/swagger-api/swagger-codegen/security/advisories/GHSA-pc22-3g76-gm6j

Patch, Third Party Advisory x_refsource_misc

https://github.com/swagger-api/swagger-codegen/commit/987ea7a30b463cc239580d6ad166c707ae942a89

View Patch ZIP pw:eip

Scores

CVSS v3 5.3

EPSS 0.0004

EPSS Percentile 14.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N

Details

CWE

CWE-378 CWE-379

Status published

Products (2)

io.swagger/swagger-codegen 0 - 2.4.19Maven

smartbear/swagger-codegen < 2.4.19

Published Mar 11, 2021

Tracked Since Feb 18, 2026