Apache OFBiz - Remote Code Execution CVE-2021-26295
- Severity
- Vulnerability description
- Not available
- Risk description
- Not available
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
- Recommendation
- Not available
- References
- https://ridgesecurity.ai/blog/apache-ofbiz-three-deserialization-vulnerabilities-analysis-cve-2021-26295-cve-2021-29200-cve-2021-30128/https://nvd.nist.gov/vuln/detail/CVE-2021-26295
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- Sniper
- Cisa Kev
- No
- Exploitable with Sniper
- Yes
- CVE Published
- Mar 1, 2021
- Detection added at
- Software Type
- Planning system
- Vendor
- Apache
- Product
- OFBiz
Detect & validate this vulnerability
Go beyond surface scans. Get real validation with proprietary tools designed to prove what’s exploitable in your environment.