Vulnerabilities > CVE-2021-25857 - Unspecified vulnerability in Supermicro-Cms Project Supermicro-Cms 3.11

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

supermicro-cms-project

NVD

Published: 2023-08-11

Updated: 2024-11-21

Summary

An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the font_type parameter to setup.php.

Vulnerable Configurations

Part	Description	Count
Application	Supermicro-Cms_Project Supermicro CMS Project Supermicro CMS 3.11	1

References

https://github.com/pcmt/superMicro-CMS/issues/2
https://github.com/pcmt/superMicro-CMS/issues/2