Security Advisory

CVE-2021-30121

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-09 13:24:28

Last updated 2024-08-03 22:24:59

Assigner mitre

State PUBLISHED

Description

Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: `https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:KaseyaWebPagesdl.asp` A valid sessionId is required but can be easily obtained via CVE-2021-30118

← Browse all CVEs View on cve.org ↗