Vulnerabilities > CVE-2021-33213 - Server-Side Request Forgery (SSRF) vulnerability in Element-It Http Commander 5.3.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
An SSRF vulnerability in the "Upload from URL" feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to retrieve HTTP and FTP files from the internal server network by inserting an internal address.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |