Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2021-40323 — Code Injection in Project Cobbler

CWE-94 — Code Injection CWE-200 — Sensitive Information Exposure9 documents8 sources

Severity

9.8CRITICALNVD

EPSS

93.2%

top 0.20%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Cobbler Project Cobbler

Timeline

PublishedOct 4

Latest updateOct 1

Description

Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

▶PyPIcobbler_project/cobbler< 3.3.0+1

▶NVDcobbler_project/cobbler3.3.0

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

OSV

Cobbler before 3.3.0 allows log poisoning↗2021-10-05

▶

GHSA

Cobbler before 3.3.0 allows log poisoning↗2021-10-05

▶

CVEList

CVE-2021-40323: Cobbler before 3↗2021-10-04

▶

OSV

CVE-2021-40323: Cobbler before 3↗2021-10-04

▶

💥Exploits & PoCs

Nuclei

Cobbler <3.3.0 - Remote Code Execution

▶

🔍Detection Rules

Suricata

ET WEB_SPECIFIC_APPS Clobber API XMLRPC Template Injection (CVE-2021-40323)↗2024-10-01

▶

📋Vendor Advisories

Ubuntu

Cobbler vulnerabilities↗2023-11-13

▶

Red Hat

cobbler: Arbitrary File Disclosure/Template Injection via generate_script RPC method↗2021-09-20

▶