CVE-2021-43495
HIGH NUCLEIAlquistManager - Path Traversal in IO/input.py
Title source: llmExploitation Summary
CVE-2021-43495 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability in alquist/IO/input.py. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.
Nuclei Templates (1)
AlquistManager Local File Inclusion
HIGHby pikpikcu
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/AlquistManager/alquist/issues/43
Scores
CVSS v3
7.5
EPSS
0.0905
EPSS Percentile
94.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (1)
alquistai/alquist
2017-06-13
Published
Nov 15, 2021
Tracked Since
Feb 18, 2026