CVE-2021-34427

CRITICAL EXPLOITED NUCLEI

Eclipse BIRT < 4.8.0 - Remote Code Execution via JSP File Upload

Title source: llm

Exploitation Summary

CVE-2021-34427 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including rt1252. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a functional Python exploit for CVE-2021-34427, a remote code execution vulnerability in Eclipse BIRT. The exploit bypasses file extension checks by appending '/.' to the __document parameter, allowing a JSP webshell to be uploaded and executed.

Description

In Eclipse BIRT versions 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance.

Exploits (1)

nomisec WORKING POC

by rt1252 · remote

https://github.com/rt1252/CVE-2021-34427

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2021-34427, a remote code execution vulnerability in Eclipse BIRT. The exploit bypasses file extension checks by appending '/.' to the __document parameter, allowing a JSP webshell to be uploaded and executed.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Eclipse BIRT 4.8.0

No auth needed

Prerequisites: Target running Eclipse BIRT with exposed /reports endpoint

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Jun 18, 2026 Full analysis →

Nuclei Templates (1)

Eclipse BIRT Viewer - Remote Code Execution

CRITICALVERIFIEDby us3r777,Synacktiv

Shodan: http.title:"eclipse birt home"

References (3)

Core 3

Core References

Exploit, Mailing List, Third Party Advisory mailing-list

http://seclists.org/fulldisclosure/2022/Dec/30

Exploit, Third Party Advisory

http://packetstormsecurity.com/files/170326/Eclipse-Business-Intelligence-Reporting-Tool-4.11.0-Remote-Code-Execution.html

Exploit, Issue Tracking, Patch, Vendor Advisory

https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142

Scores

CVSS v3 9.8

EPSS 0.5771

EPSS Percentile 99.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2025-12-16

CWE

CWE-20 CWE-434

Status published

Products (1)

eclipse/business_intelligence_and_reporting_tools < 4.8.0

Published Jun 25, 2021

Tracked Since Feb 18, 2026