CVE-2021-42261

HIGH

Revisor Video Management System < 2.0.0 - Path Traversal

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-42261. PoCs published by jet-pentest.

AI-analyzed exploit summary This repository contains a writeup for CVE-2021-42261, a directory traversal vulnerability in Revisor Video Management System (VMS) before 2.0.0. The vulnerability allows remote attackers to access sensitive files outside the restricted directory.

Description

Revisor Video Management System (VMS) before 2.0.0 has a directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of restricted directory on the remote server. This could lead to the disclosure of sensitive data on the vulnerable server.

Exploits (1)

nomisec WRITEUP 1 stars

by jet-pentest · poc

https://github.com/jet-pentest/CVE-2021-42261

View Code ZIP pw:eip

This repository contains a writeup for CVE-2021-42261, a directory traversal vulnerability in Revisor Video Management System (VMS) before 2.0.0. The vulnerability allows remote attackers to access sensitive files outside the restricted directory.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Revisor VMS < 2.0.0

No auth needed

Prerequisites: Network access to the vulnerable server

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://revisorlab.com/

Third Party Advisory x_refsource_misc

https://github.com/jet-pentest/CVE-2021-42261

Scores

CVSS v3 7.5

EPSS 0.0221

EPSS Percentile 80.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

revisorlab/video_management_system < 2.0.0

Published Oct 19, 2021

Tracked Since Feb 18, 2026