CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-27101

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score41.5120%
EPSS Percentile95.80th
Published2021年2月16日
Last Modified2025年11月3日

Vulnerability Description

Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later.

Affected Platforms (CPE)

📦
Accellion

Fta

<= 9_12_370

References & Advisories

🔗 https://github.com/accellion/CVEs/blob/main/CVE-2021-27101.txt
🔗 https://www.accellion.com/products/fta/
🔗 https://github.com/accellion/CVEs/blob/main/CVE-2021-27101.txt
🔗 https://www.accellion.com/products/fta/
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-27101

相關漏洞威脅

CVE-2017-879410.0

An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https ...

CVE-2019-56229.8

Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials.

CVE-2019-56239.8

Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-77: Improper Neutralization of Special Eleme...

CVE-2021-271039.8

Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA...