CVE-2021-43778
published 2021-11-24


Priority: P1 (81) · CVSS 3.1: 7.5 High
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
In the wild: exploited (VulnCheck KEV)
EPSS: 52.66% (98.8th percentile)
Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file.

Affected

2 ranges

Vendor         Product   Version range      Fixed in
glpi-project   barcode   >= 2.0, < 2.6.1    2.6.1
pluginsglpi    barcode   (no range given)   (not given)

Detection & IOCs (extracted from sources)

url:  /glpi/plugins/barcode/front/send.php?file=../../../../../../../../etc/passwd
path: /glpi/plugins/barcode/front/send.php
  • HTTP GET request to the vulnerable endpoint with a path traversal payload in the `file` parameter targeting /etc/passwd
  • Successful exploitation returns HTTP 200 with /etc/passwd content matching root:.*:0:0: in the response body
  • Presence of the file front/send.php under the GLPI barcode plugin directory indicates a potentially vulnerable installation
  • The path traversal payload uses the `file` query parameter in front/send.php; the depth of traversal (8 levels: ../../../../../../../../) may need adjustment depending on the server's installation path
  • Only GLPI barcode plugin version 2.x prior to 2.6.1 is affected; version 2.6.1 and later are patched

CVSS provenance

Source      CVSS version   Score   Severity   Vector
nvd         3.1            7.5     HIGH       CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd         2.0            5.0     MEDIUM     AV:N/AC:L/Au:N/C:P/I:N/A:N
vulncheck   -              9.1     CRITICAL   -