CVE-2021-3317

HIGH

klog_server < 2.4.1 - Authenticated OS Command Injection via async.php Source Parameter

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-3317. PoCs published by Metin Yunus Kandemir, Al1ex.

AI-analyzed exploit summary This exploit demonstrates an authenticated command injection vulnerability in Klog Server 2.4.1 via the 'source' parameter in async.php, executed through shell_exec() without input validation.

Description

KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on the original value of the source parameter.

Exploits (2)

exploitdb WORKING POC

by Metin Yunus Kandemir · pythonwebappsphp

https://www.exploit-db.com/exploits/49511

View Code ZIP pw:eip

This exploit demonstrates an authenticated command injection vulnerability in Klog Server 2.4.1 via the 'source' parameter in async.php, executed through shell_exec() without input validation.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Klog Server 2.4.1

Auth required

Prerequisites: Valid credentials for Klog Server · Network access to the target

MITRE ATT&CK

T1202 - Indirect Command Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC 2 stars

by Al1ex · poc

https://github.com/Al1ex/CVE-2021-3317

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2021-3317, an authenticated command injection vulnerability in Klog Server 2.4.1. The exploit leverages improper input validation in the 'source' parameter of async.php, allowing arbitrary command execution via shell_exec().

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Klog Server <= 2.4.1

Auth required

Prerequisites: Valid credentials for Klog Server · Network access to the target

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory x_refsource_misc

https://docs.unsafe-inline.com/0day/klog-server-authenticated-command-injection

Exploit, Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/161208/Klog-Server-2.4.1-Command-Injection.html

Scores

CVSS v3 8.8

EPSS 0.4139

EPSS Percentile 98.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-78

Status published

Products (1)

klogserver/klog_server < 2.4.1

Published Jan 26, 2021

Tracked Since Feb 18, 2026