CVE-2021-36719

Summary

PineApp - Mail Secure - The attacker must be logged in as a user to the Pineapp system. The attacker exploits the vulnerable nicUpload.php file to upload a malicious file,Thus taking over the server and running remote code.

Affected Software

VendorProductVersion RangeStatus
CybonetPineApp - Mail SecurePineApp - Mail Secure Latestaffected

Weaknesses

  • Authenticated RCE

ADP Enrichment

CVE Program Container

Additional References

References