{"api_version":"1","generated_at":"2026-07-09T08:02:38+00:00","cve":"CVE-2021-26473","urls":{"html":"https://cve.report/CVE-2021-26473","api":"https://cve.report/api/cve/CVE-2021-26473.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-26473","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-26473"},"summary":{"title":"CVE-2021-26473","description":"In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the web server.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2021-06-08 19:15:00","updated_at":"2022-04-22 19:10:00"},"problem_types":["CWE-434"],"metrics":[],"references":[{"url":"https://www.divd.nl/","name":"https://www.divd.nl/","refsource":"MISC","tags":[],"title":"our mission","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://csirt.divd.nl/2021/05/11/Vembu-zero-days/","name":"https://csirt.divd.nl/2021/05/11/Vembu-zero-days/","refsource":"MISC","tags":[],"title":"Vembu Zero Days | DIVD CSIRT","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://csirt.divd.nl/cves/CVE-2021-26473/","name":"https://csirt.divd.nl/cves/CVE-2021-26473/","refsource":"MISC","tags":[],"title":"Unauthenticated arbitrary file upload and command execution | DIVD CSIRT","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.wbsec.nl/vembu","name":"https://www.wbsec.nl/vembu","refsource":"MISC","tags":[],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://csirt.divd.nl/cases/DIVD-2020-00011/","name":"https://csirt.divd.nl/cases/DIVD-2020-00011/","refsource":"MISC","tags":[],"title":"DIVD-2020-00011 - Four critical vulnerabilities in Vembu BDR | DIVD CSIRT","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-26473","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-26473","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[{"source":"LEGACY","value":"Discovered by Wietse Boonstra","lang":""},{"source":"LEGACY","value":"Addional research by Frank Breedijk","lang":""}],"nvd_cpes":[{"cve_year":"2021","cve_id":"26473","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"vembu","cpe5":"bdr_suite","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"26473","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"vembu","cpe5":"offsite_dr","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"26473","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"vembu","cpe5":"offsite_dr","cpe6":"4.2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"26473","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"vembu","cpe5":"offsite_dr","cpe6":"4.2.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","DATE_PUBLIC":"2021-07-07T10:49:00.000Z","ID":"CVE-2021-26473","STATE":"PUBLIC","TITLE":"Unauthenticated arbitrary file upload and command execution in Vembu products"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"credit":[{"lang":"eng","value":"Discovered by Wietse Boonstra"},{"lang":"eng","value":"Addional research by Frank Breedijk"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the web server."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"https://csirt.divd.nl/cases/DIVD-2020-00011/","refsource":"CONFIRM","url":"https://csirt.divd.nl/cases/DIVD-2020-00011/"},{"name":"https://csirt.divd.nl/2021/05/11/Vembu-zero-days/","refsource":"CONFIRM","url":"https://csirt.divd.nl/2021/05/11/Vembu-zero-days/"},{"name":"https://www.wbsec.nl/vembu","refsource":"CONFIRM","url":"https://www.wbsec.nl/vembu"},{"name":"https://csirt.divd.nl/cves/CVE-2021-26473/","refsource":"CONFIRM","url":"https://csirt.divd.nl/cves/CVE-2021-26473/"}]},"source":{"advisory":"DIVD-2020-00011","discovery":"EXTERNAL"}},"nvd":{"publishedDate":"2021-06-08 19:15:00","lastModifiedDate":"2022-04-22 19:10:00","problem_types":["CWE-434"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":7.5},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:vembu:bdr_suite:*:*:*:*:*:*:*:*","versionEndExcluding":"4.2.0.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:vembu:offsite_dr:*:*:*:*:*:*:*:*","versionEndExcluding":"4.2.0.1","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"26473","Ordinal":"201495","Title":"CVE-2021-26473","CVE":"CVE-2021-26473","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"26473","Ordinal":"1","NoteData":"In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the web server.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"26473","Ordinal":"2","NoteData":"2021-06-08","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"26473","Ordinal":"3","NoteData":"2022-02-04","Type":"Other","Title":"Modified"}]}}}