Vulnerabilities > CVE-2021-37394 - Unspecified vulnerability in Rpcms

047910
CVSS 6.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
rpcms

Summary

In RPCMS v1.8 and below, attackers can interact with API and change variable "role" to "admin" to achieve admin user registration.

Vulnerable Configurations

Part Description Count
Application
Rpcms
1