CVE-2021-47936 – OpenCATS
CVSS 9.8
CRITICAL
“A job application upload can become a direct command line into your server.”
This patch addresses a critical remote code execution vulnerability in OpenCATS affecting versions up to 0.9.4. The issue allows unauthenticated attackers to upload malicious PHP files disguised as resumes through the job application feature. Once uploaded, attackers can execute arbitrary system commands, leading to full server compromise.
CVE-2021-47936 has a CVSS score of 9.8, which is Critical severity. Proof-of-concept exploitation has been confirmed, making this vulnerability highly dangerous in real-world environments. The attack requires no authentication and can be executed remotely with minimal effort.
Key Details
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- CWE Classification: CWE-306
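The advisory describes PHP files uploaded in the guise of resumes. The following added example (not part of the original advisory and not OpenCATS code) audits a resume upload directory for such files. The extension allowlist, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumed allowlist of resume formats; adjust to what your deployment accepts.
ALLOWED_EXT = {".pdf", ".doc", ".docx", ".rtf", ".txt", ".odt"}
# Name components that web servers commonly map to the PHP handler.
PHP_PART = re.compile(r"php\d?|phtml|phar|pht", re.I)
# Long-form PHP open tag; a heuristic that does not cover short tags.
PHP_TAG = re.compile(rb"<\?php", re.I)

def audit_file(path):
    """Return the reasons a file is suspicious (empty list means clean)."""
    name = os.path.basename(path)
    findings = []
    # Check every dotted component so 'cv.pdf.php' and 'cv.php.pdf' both match.
    if any(PHP_PART.fullmatch(part) for part in name.split(".")[1:]):
        findings.append("php-extension")
    if os.path.splitext(name)[1].lower() not in ALLOWED_EXT:
        findings.append("extension-not-allowlisted")
    with open(path, "rb") as fh:
        if PHP_TAG.search(fh.read(1 << 20)):  # inspect the first 1 MiB only
            findings.append("php-open-tag")
    return findings

def audit_dir(root):
    """Walk an upload directory and map relative paths to their findings."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            findings = audit_file(path)
            if findings:
                report[os.path.relpath(path, root)] = findings
    return report

def demo():
    """Run the audit over constructed sample files in a temporary directory."""
    samples = {
        "resume.pdf": b"%PDF-1.4\n% constructed sample\n",
        "resume.pdf.php": b"<?php /* constructed placeholder */ ?>",
        "cv.phtml": b"plain text",
        "cover.txt": b"Hello <?php echo 1; ?>",
    }
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            with open(os.path.join(d, name), "wb") as fh:
                fh.write(data)
        return audit_dir(d)
```

Point `audit_dir` at the directory where your installation stores uploaded resumes. Any hit on an unpatched instance warrants review of web server access logs for requests to that file.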