CVE-2021-29281

CRITICAL

GFI Archiver <= 15.1 - Unauthenticated Arbitrary File Upload via Telerik Web UI Plugin

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-29281. PoCs published by Amin Bohio.

AI-analyzed exploit summary This exploit targets an arbitrary file upload vulnerability in GFI Mail Archiver 15.1 via an unauthenticated Telerik UI component flaw. It encrypts and crafts malicious upload requests to bypass security controls, leveraging hardcoded keys and PBKDF2-derived encryption.

Description

File upload vulnerability in GFI Mail Archiver versions up to and including 15.1 via insecure implementation of Telerik Web UI plugin which is affected by CVE-2014-2217, and CVE-2017-11317.

Exploits (1)

exploitdb WORKING POC
by Amin Bohio · pythonwebappsmultiple
https://www.exploit-db.com/exploits/50181

This exploit targets an arbitrary file upload vulnerability in GFI Mail Archiver 15.1 via an unauthenticated Telerik UI component flaw. It encrypts and crafts malicious upload requests to bypass security controls, leveraging hardcoded keys and PBKDF2-derived encryption.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: GFI Mail Archiver <= 15.1
No auth needed
Prerequisites: Network access to the target · Telerik UI component exposed
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (5)

Core 5
Core References
Technical Description, Third Party Advisory x_refsource_misc
https://cwe.mitre.org/data/definitions/434.html
Technical Description, Third Party Advisory x_refsource_misc
https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://www.exploit-db.com/exploits/50181

Scores

CVSS v3 9.8
EPSS 0.0194
EPSS Percentile 77.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (1)
gfi/archiver < 15.2
Published Jul 07, 2022
Tracked Since Feb 18, 2026