Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-09	CVE-2021-30118	Unrestricted Upload of File with Dangerous Type vulnerability in Kaseya VSA An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management (RMM) 9.5.4.2149 and subsequently use these files to execute asp commands The api /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leading to RCE. network low complexity kaseya CWE-434 critical	10.0