CVE-2021-20114
Published 2021-07-30
- Priority: P355
- Severity: high (CVSS 3.1 base score 7.5)
- Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Exploit: available
- EPSS: 5.97% (92.4th percentile)
When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tecnick | tcexam | <= 14.8.1 | — |
| tecnick | tcexam | — | — |
Detection & IOCs (extracted from sources)
- Send an unauthenticated HTTP GET request to /cache/backup/ and check for a directory listing response containing 'Index of /cache/backup', 'Parent Directory', and '.sql.gz' with an HTTP 200 status.
- Match all three strings simultaneously ('Index of /cache/backup', 'Parent Directory', '.sql.gz') with an AND condition to confirm an exposed backup directory listing.
- Confirm the HTTP 200 status code alongside the directory listing keywords to avoid false positives on redirected or blocked responses.
- The vulnerability is only present when TCExam is installed using the default/recommended settings; custom hardened installations may restrict access to /cache/backup/ and would not be vulnerable.
- Affected versions are TCExam 14.8.1 and below; versions above 14.8.1 are remediated.
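The detection logic above (HTTP 200 plus all three listing markers, with redirects and error pages treated as negatives) as a small self-contained checker, written here as an added example for verifying a deployment you administer; it is not code from this page's sources or from the TCExam project. The sample responses are constructed, and the `check_url` helper name and its no-redirect behaviour are this example's own choices.

```python
import urllib.error
import urllib.request
from dataclasses import dataclass

# Markers named in the detection guidance; all three must be present (AND).
REQUIRED_MARKERS = ("Index of /cache/backup", "Parent Directory", ".sql.gz")


@dataclass(frozen=True)
class HttpResponse:
    status: int
    body: str


def backup_listing_exposed(resp: HttpResponse) -> bool:
    """True only for an HTTP 200 whose body carries every marker.

    A 3xx redirect, a 403 block, or a listing without '.sql.gz' all
    return False, which is what rules out the false positives the
    guidance warns about.
    """
    if resp.status != 200:
        return False
    return all(marker in resp.body for marker in REQUIRED_MARKERS)


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Stop urllib from following redirects so a 302 is seen as a 302."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def check_url(base_url: str, timeout: float = 10.0) -> HttpResponse:
    """Fetch <base_url>/cache/backup/ from a host you administer and wrap
    the result (hypothetical helper; error responses keep their status)."""
    url = base_url.rstrip("/") + "/cache/backup/"
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(url, timeout=timeout) as r:
            return HttpResponse(r.status, r.read().decode(errors="replace"))
    except urllib.error.HTTPError as e:
        return HttpResponse(e.code, e.read().decode(errors="replace"))


# Constructed sample responses (not captured from any real host).
SAMPLES = {
    "exposed": HttpResponse(
        200,
        "<title>Index of /cache/backup</title>"
        "<a href='../'>Parent Directory</a>"
        "<a href='tcexam_dump.sql.gz'>tcexam_dump.sql.gz</a>",
    ),
    # Redirected to a login page: the body may echo the path but status is 302.
    "redirect": HttpResponse(302, "Index of /cache/backup Parent Directory .sql.gz"),
    # Listing is reachable but contains no dump files: no finding.
    "listing_no_dumps": HttpResponse(
        200, "Index of /cache/backup ... Parent Directory ... .htaccess"
    ),
    # Hardened install that denies the directory outright.
    "forbidden": HttpResponse(403, "Forbidden"),
}


def classify_all(samples=SAMPLES) -> dict:
    """Run the check over every sample and report name -> exposed?."""
    return {name: backup_listing_exposed(r) for name, r in samples.items()}


if __name__ == "__main__":
    for name, exposed in classify_all().items():
        print(f"{name:18} exposed={exposed}")
```

Only the "exposed" sample is flagged; the redirect sample shows why the status check matters, since its body alone would match all three strings.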
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| NVD | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
No detection rules found.
Nuclei
CVE-2021-20114 [HIGH] TCExam <= 14.8.1 - Sensitive Information Exposure (nuclei, CVSS 7.5)
When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which includes sensitive database backup files.
Template (truncated on the page):

```yaml
id: CVE-2021-20114

info:
  name: TCExam <= 14.8.1 - Sensitive Information Exposure
  author: push4d
  severity: high
  description: When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which includes sensitive database backup files.
  impact: |
    An attacker can gain access to sensitive information, potentially leading to unauthorized access or data leakage.
  remediation: |
    Upgrade TCExam to a version higher than 14.8.1 to mitigate the vulnerability.
  referen
```