CyberSec.Space Logo
Back to CVE Browser

CVE-2021-27852

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score46.0340%
EPSS Percentile97.55th
PublishedMay 27, 2021
Last ModifiedOct 24, 2025

Vulnerability Description

Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. This issue affects: Checkbox Survey versions prior to 7.

Affected Platforms (CPE)

๐Ÿ“ฆ
Checkbox

Survey

< 7.0

References & Advisories

๐Ÿ”— https://www.kb.cert.org/vuls/id/706695
๐Ÿ”— https://www.kb.cert.org/vuls/id/706695
๐Ÿ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-27852

Related Vulnerabilities

CVE-2013-461110.0

Multiple unspecified vulnerabilities in REDCap before 5.1.1 allow remote attackers to have an unknown impact via vectors involving...

CVE-2020-3594910.0

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made it possible for unauthenticated a...

CVE-2020-359519.9

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It allows users to delete arbitrary files...

CVE-2019-161849.8

A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey participants to inject commands via their ...