CVE-2021-27183

HIGH

Altn Mdaemon < 20.0.4 - Remote Code Execution

Title source: rule

Description

An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write vulnerability. An attacker is able to create new files in any location of the filesystem, or he may be able to modify existing files. This vulnerability may directly lead to Remote Code Execution.

References (2)

[Release Notes, Vendor Advisory] https://www.altn.com/Support/SecurityUpdate/MD011221_MDaemon_EN/

[Exploit, Third Party Advisory] https://github.com/chudyPB/MDaemon-Advisories

View Exploit ZIP pw:eip

Scores

CVSS v3 7.2

EPSS 0.0429

EPSS Percentile 88.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-610

Status published

Products (1)

altn/mdaemon < 20.0.4

Published Apr 14, 2021

Tracked Since Feb 18, 2026