CVE-2021-43008
published 2022-04-05


Priority: P356 high
CVSS 3.1: 7.5 (high), vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS: 13.64% (96.0th percentile)
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.

Affected

8 ranges

Vendor         | Product      | Version range                       | Fixed in
adminer        | adminer      | >= 0 < 4.6.3-1                      | 4.6.3-1
adminer        | adminer      | >= 0 < 4.6.3-1                      | 4.6.3-1
adminer        | adminer      | >= 0 < 4.6.3-1                      | 4.6.3-1
adminer        | adminer      | >= 0 < 4.6.3-1                      | 4.6.3-1
adminer        | adminer      | 1.12.0 – 4.6.2                      | (not stated)
debian         | adminer      | < adminer 4.6.3-1 (bookworm)        | adminer 4.6.3-1 (bookworm)
debian         | debian_linux | (not stated)                        | (not stated)
vrana          | adminer      | >= 1.12.0 < 4.6.3                   | 4.6.3

Detection & IOCs (extracted from sources)

  • Adminer versions 1.12.0 through 4.6.2 are vulnerable; detect use of these versions in your environment as they allow arbitrary file read via a rogue remote MySQL database connection
  • Monitor for outbound MySQL connections (port 3306) initiated FROM the Adminer web application server to external/untrusted IP addresses, which is the attack vector for this file-read exploit
  • Public exploits are available for this vulnerability; treat any exploitation attempt as high-severity given low attack complexity and no authentication required
  • Successful exploitation can result in database credential theft; monitor for unexpected access to database configuration files on servers running vulnerable Adminer versions
  • Only the Windows installation of Advantech R-SeeNet is affected by this CVE via its bundled Adminer component; Linux installations are not affected
  • The vulnerability is scoped as 'local' impact in Debian's tracker, which may affect risk scoring in some environments

CVSS provenance

Source        | Version | Score | Severity | Vector
nvd           | v3.1    | 7.5   | HIGH     | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd           | v2.0    | 5.0   | MEDIUM   | AV:N/AC:L/Au:N/C:P/I:N/A:N
osv           |         | 7.5   | HIGH     |
vendor_debian |         | 7.5   | HIGH     |