CVE-2021-42261

HIGH

Revisorlab Video Management System < 2.0.0 - Path Traversal

Title source: rule

Description

Revisor Video Management System (VMS) before 2.0.0 has a directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of restricted directory on the remote server. This could lead to the disclosure of sensitive data on the vulnerable server.

Exploits (1)

nomisec WRITEUP 1 stars

by jet-pentest · poc

https://github.com/jet-pentest/CVE-2021-42261

View Code ZIP pw:eip

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://revisorlab.com/

Third Party Advisory x_refsource_misc

https://github.com/jet-pentest/CVE-2021-42261

Scores

CVSS v3 7.5

EPSS 0.0133

EPSS Percentile 80.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

revisorlab/video_management_system < 2.0.0

Published Oct 19, 2021

Tracked Since Feb 18, 2026