CVE-2021-27852
Published: 2021-05-27
Priority: P1 (93) · Critical 9.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
Badges: KEV · ITW
CISA Known Exploited Vulnerability, remediation due 2022-05-02
Exploited in the wild
EPSS: 31.95% (98.1st percentile)
Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. This issue affects: Checkbox Survey versions prior to 7.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| checkbox | survey | < 7.0 | 7.0 |
| checkbox | survey | >= unspecified < 7 | 7 |
Detection & IOCs (extracted from sources)
- Monitor for unauthenticated deserialization requests targeting CheckboxWeb.dll in Checkbox Survey deployments running versions prior to 7.
- Checkbox Survey versions 6 and earlier are end-of-life; presence of these versions on a network is itself an indicator of risk and should be flagged for immediate removal.
- The vulnerability is specifically within CheckboxWeb.dll; exploitation does not require authentication, meaning perimeter authentication controls alone are insufficient as a mitigation.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | 2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vulncheck | | 9.8 | CRITICAL | |
| cisa | | 9.8 | CRITICAL | |
GHSA
GHSA-xrx4-vq84-23w6: Deserialization of Untrusted Data vulnerability in CheckboxWeb
Source: GHSA (unreviewed) · 2022-05-24
CVE-2021-27852 [CRITICAL] CWE-502 GHSA-xrx4-vq84-23w6: Deserialization of Untrusted Data vulnerability in CheckboxWeb
Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code. This issue affects: Checkbox Survey versions prior to 7.
VulnCheck
Checkbox Survey Deserialization of Untrusted Data Vulnerability
Source: VulnCheck · 2021 · CVSS 9.8
CVE-2021-27852 [CRITICAL] CWE-502 Checkbox Survey Deserialization of Untrusted Data Vulnerability
Checkbox Survey Deserialization of Untrusted Data Vulnerability
Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.
Affected: Checkbox Checkbox Survey
Required Action: Versions 6 and earlier for this product are end-of-life and must be removed from agency networks. Versions 7 and later are not considered vulnerable.
Exploitation References:
- https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
- https://cisa.gov/news-events/alerts/2022/04/27/2021-top-routinely-exploited-vulnerabilities
- https://cisa.gov/news-events/cybersecurity-advisories/aa22-117a
- https://www.group-ib.com/resources/research-hub/hi-tech-crime-trends-2022/
- https://rt-solar.ru/solar-4rays
CISA
Checkbox Survey Deserialization of Untrusted Data Vulnerability
Source: CISA · 2022-04-11 · CVSS 9.8
CVE-2021-27852 [CRITICAL] CWE-502 Checkbox Survey Deserialization of Untrusted Data Vulnerability
Vulnerability: Checkbox Survey Deserialization of Untrusted Data Vulnerability
Affected: Checkbox Checkbox Survey
Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code.
Required Action: Versions 6 and earlier for this product are end-of-life and must be removed from agency networks. Versions 7 and later are not considered vulnerable.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-27852
Remediation Due Date: 2022-05-02
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Timeline
- 2021-05-27: Published
- 2022-04-11: Added to CISA KEV
- Exploited in the wild