CVE-2021-30121

Publication date

2021-07-09 13:24:28

Family

mitre

State

PUBLISHED

Description

Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: `https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:KaseyaWebPagesdl.asp` A valid sessionId is required but can be easily obtained via CVE-2021-30118