CVE-2021-20671

Summary

Invalid file validation on the upload feature in GROWI versions v4.2.2 allows a remote attacker with administrative privilege to overwrite the files on the server, which may lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
WESEEK, Inc.GROWIversions v4.2.2 and earlieraffected

Weaknesses

  • Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References