Exploitation Summary
CVE-2021-43496 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
Clustering master branch as of commit 53e663e259bcfc8cdecb56c0bb255bd70bfcaa70 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system and can significantly aid in getting remote code access.
Nuclei Templates (1)
Clustering Local File Inclusion
HIGHby Evan Rubinstein
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/varun-suresh/Clustering/issues/12
Scores
CVSS v3
7.5
EPSS
0.1569
EPSS Percentile
96.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
Status
published
Products (1)
clustering_project/clustering
2019-07-26
Published
Nov 12, 2021
Tracked Since
Feb 18, 2026