Vulnerabilities > CVE-2021-27236 - Exposure of Resource to Wrong Sphere vulnerability in Mutare Voice 3.0.0/3.2.6/3.3.7
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 |