Lucene search
GoogleOSV:CVE-2021-40904HistoryMar 25, 2022 - 11:15 p.m.
CVE-2021-40904
2022-03-2523:15:08
Google
osv.dev
3
checkmk raw edition
dokuwiki
remote code execution
web management interface
valid credentials
administrator
The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a misconfiguration of the web-app Dokuwiki (installed by default), which allows embedded php code. As a result, remote code execution is achieved. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session by a user with the role of administrator.
Related
ubuntucve
ubuntucve
CVE-2021-40904
2022-03-25 00:00:00
cvelist
cvelist
CVE-2021-40904
2022-03-25 22:19:59
openvas
openvas
Checkmk 1.5.x - 1.5.0p25 RCE Vulnerability
2022-03-29 00:00:00
githubexploit
githubexploit
Exploit for Incorrect Default Permissions in Tribe29 Checkmk
2021-10-12 09:38:48
prion
prion
Remote code execution
2022-03-25 23:15:00
cve
cve
CVE-2021-40904
2022-03-25 23:15:08
nvd
nvd
CVE-2021-40904
2022-03-25 23:15:08