cbcvebase.
CVE-2021-20114
published 2021-07-30

CVE-2021-20114: When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which…

PriorityP355high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
5.97%
92.4th percentile
When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.

Affected

2 ranges
VendorProductVersion rangeFixed in
tecnicktcexam<= 14.8.1
tecnicktcexam

Detection & IOCsextracted from sources · hover to see the quote

path/cache/backup/
filename*.sql.gz
  • Send an unauthenticated HTTP GET request to /cache/backup/ and check for directory listing response containing 'Index of /cache/backup', 'Parent Directory', and '.sql.gz' with HTTP 200 status.
  • Match all three strings simultaneously ('Index of /cache/backup', 'Parent Directory', '.sql.gz') with AND condition to confirm exposed backup directory listing.
  • Confirm HTTP 200 status code alongside the directory listing keywords to avoid false positives on redirected or blocked responses.
  • ·The vulnerability is only present when TCExam is installed using default/recommended settings; custom hardened installations may restrict access to /cache/backup/ and would not be vulnerable.
  • ·Affected versions are TCExam 14.8.1 and below; versions above 14.8.1 are remediated.

CVSS provenance

nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.