CVE-2021-32305
CRITICAL EXPLOITED IN THE WILD NUCLEIWebsvn < 2.6.1 - OS Command Injection
Title source: ruleDescription
WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter.
Exploits (3)
exploitdb
WORKING POC
VERIFIED
by g0ldm45k · pythonwebappsphp
https://www.exploit-db.com/exploits/50042
nomisec
WORKING POC
1 stars
by FredBrave · remote
https://github.com/FredBrave/CVE-2021-32305-websvn-2.6.0
Nuclei Templates (1)
Websvn <2.6.1 - Remote Code Execution
CRITICALby gy741
Scores
CVSS v3
9.8
EPSS
0.9235
EPSS Percentile
99.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2021-08-30
InTheWild.io
2021-04-12
CWE
CWE-78
Status
published
Products (1)
websvn/websvn
< 2.6.1
Published
May 18, 2021
Tracked Since
Feb 18, 2026