CVE-2021-4436
CRITICAL EXPLOITED RANSOMWARE NUCLEI3DPrint Lite < 1.9.1.5 - Unauthenticated Arbitrary File Upload via p3dlite_handle_upload AJAX Action
Title source: llmExploitation Summary
CVE-2021-4436 has been observed exploited in the wild (reported by VulnCheck KEV), including in ransomware campaigns. A Nuclei detection template is also available.
Description
The 3DPrint Lite WordPress plugin before 1.9.1.5 does not have any authorisation and does not check the uploaded file in its p3dlite_handle_upload AJAX action , allowing unauthenticated users to upload arbitrary file to the web server. However, there is a .htaccess, preventing the file to be accessed on Web servers such as Apache.
Nuclei Templates (1)
3DPrint Lite < 1.9.1.5 - Arbitrary File Upload
CRITICALVERIFIEDby s4e-io
References (1)
Core 1
Core References
Exploit, Third Party Advisory exploit
vdb-entry
technical-description
https://wpscan.com/vulnerability/c46ecd0d-a132-4ad6-b936-8acde3a09282/
Scores
CVSS v3
9.8
EPSS
0.0670
EPSS Percentile
93.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
VulnCheck KEV
2024-03-04
Ransomware Use
Confirmed
CWE
CWE-434
Status
published
Products (1)
wp3dprinting/3dprint_lite
< 1.9.1.5
Published
Feb 05, 2024
Tracked Since
Feb 18, 2026