CVE-2021-31217
CRITICALSolarWinds DameWare Mini Remote Control Server 12.0.1.200 - Unauthenticated File Deletion via Insecure Permissions
Title source: llmDescription
In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://support.solarwinds.com/SuccessCenter/s/
Release Notes, Vendor Advisory x_refsource_misc
https://documentation.solarwinds.com/en/success_center/dameware/content/release_notes/dameware_12-2_release_notes.htm
Scores
CVSS v3
9.1
EPSS
0.0047
EPSS Percentile
64.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Details
CWE
CWE-276
Status
published
Products (1)
solarwinds/dameware_mini_remote_control
12.0.1.200
Published
Jul 13, 2021
Tracked Since
Feb 18, 2026