CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-27103

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score50.5900%
EPSS Percentile91.43th
Published2021年2月16日
Last Modified2025年11月3日

Vulnerability Description

Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later.

Affected Platforms (CPE)

📦
Accellion

Fta

< 9_12_416

References & Advisories

🔗 https://github.com/accellion/CVEs/blob/main/CVE-2021-27103.txt
🔗 https://www.accellion.com/products/fta/
🔗 https://github.com/accellion/CVEs/blob/main/CVE-2021-27103.txt
🔗 https://www.accellion.com/products/fta/
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-27103

相关漏洞威胁

CVE-2017-879410.0

An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https ...

CVE-2019-56229.8

Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials.

CVE-2021-271019.8

Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The ...

CVE-2019-56239.8

Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-77: Improper Neutralization of Special Eleme...