CVE-2021-32849

HIGH EXPLOITED

gerapy < 0.9.9 - Authenticated OS Command Injection

Title source: llm

Exploitation Summary

CVE-2021-32849 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 2 public exploits from the researchers lowkey0808 and bb33bb.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2021-32849, a command injection vulnerability in Gerapy. The exploit authenticates with the target, then sends a crafted request to the '/api/project/clone' endpoint to execute arbitrary commands via command injection in the 'address' parameter.

Description

Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds.

Exploits (2)

nomisec · WORKING POC · 1 star
by lowkey0808 · remote
https://github.com/lowkey0808/cve-2021-32849

Classification
Working PoC (95%)
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: Gerapy (version not specified)
Auth required
Prerequisites: Valid credentials for the target Gerapy instance · Network connectivity to the target · A listener (e.g., netcat) to receive the reverse shell or command output
devstral-2 · analyzed Feb 18, 2026

nomisec · SUSPICIOUS
by bb33bb · poc
https://github.com/bb33bb/CVE-2021-32849

The repository contains only a README with a reference link and no actual exploit code or technical details. It lacks depth and appears to be a placeholder or lure.

Classification
Suspicious (90%)
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: Gerapy
No auth needed
devstral-2 · analyzed Feb 18, 2026

References (5)

Core References
https://securitylab.github.com/advisories/GHSL-2021-076-gerapy/ (Exploit, Third Party Advisory; x_refsource_misc)
https://github.com/Gerapy/Gerapy/security/advisories/GHSA-756h-r2c9-qp5j (Exploit, Issue Tracking, Third Party Advisory; x_refsource_confirm)
https://github.com/Gerapy/Gerapy/issues/197 (Issue Tracking, Third Party Advisory; x_refsource_misc)
https://github.com/Gerapy/Gerapy/issues/217 (Issue Tracking, Third Party Advisory; x_refsource_misc)

Scores

CVSS v3 8.8
EPSS 0.7831
EPSS Percentile 99.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

VulnCheck KEV 2024-03-04
CWE
CWE-78 CWE-77
Status published
Products (2)
gerapy/gerapy < 0.9.9
pypi/gerapy 0 - 0.9.9 (PyPI)
Published Jan 26, 2022
Tracked Since Feb 18, 2026