CVE-2021-26639

Summary

This vulnerability is caused by the lack of validation of input values for specific functions if WISA Smart Wing CMS. Remote attackers can use this vulnerability to leak all files in the server without logging in system.

Affected Software

VendorProductVersion RangeStatus
WISA corp.Smart Wing CMSunspecified < r18715.20211229affected

Weaknesses

  • CWE-494: CWE-494 Download of Code Without Integrity Check
  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References