Kaseya Vsa vulnerabilities
7 known vulnerabilities affecting kaseya/vsa.
Total CVEs
7
CISA KEV
0
Public exploits
1
Exploited in wild
3
Severity breakdown
CRITICAL1HIGH3MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2021-30118P1CRITICALCVSS 9.8ExploitedPoCfixed in 9.5.52021-07-09
CVE-2021-30118 [CRITICAL] CWE-434 CVE-2021-30118: An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Rem
An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Management (RMM) 9.5.4.2149 and subsequently use these files to execute asp commands The api /SystemTab/uploader.aspx is vulnerable to an unauthenticated arbitrary file upload leading to RCE. An attacker can upload files with the pr
nvd
CVE-2021-30119P1MEDIUMCVSS 5.4ExploitedRansomwarefixed in 9.5.72021-07-09
CVE-2021-30119 [MEDIUM] CWE-79 CVE-2021-30119: Authenticated reflective XSS in HelpDeskTab/rcResults.asp The parameter result of /HelpDeskTab/rcRes
Authenticated reflective XSS in HelpDeskTab/rcResults.asp The parameter result of /HelpDeskTab/rcResults.asp is insecurely returned in the requested web page and can be used to perform a Cross Site Scripting attack Example request: `https://x.x.x.x/HelpDeskTab/rcResults.asp?result=alert(document.cookie)` The same is true for the parameter FileName of
nvd
CVE-2021-30120P1HIGHCVSS 7.5ExploitedRansomware≤ 9.5.62021-07-09
CVE-2021-30120 [HIGH] CWE-669 CVE-2021-30120: Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement. The need to use 2FA for auth
Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement. The need to use 2FA for authentication in enforce client-side instead of server-side and can be bypassed using a local proxy. Thus rendering 2FA useless. Detailed description --- During the login process, after the user authenticates with username and password, the server sends a
nvd
CVE-2021-30117P2HIGHCVSS 8.8fixed in 9.5.62021-07-09
CVE-2021-30117 [HIGH] CVE-2021-30117: The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQ
The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the parameter fldrId. Detailed description --- Given the following request: ``` GET /InstallTab/exportFldr.asp?fldrId=1’ HTTP/1.1 Host: 192.168.1.194 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:85.0) Gecko/20100101 Firefox/85.0 A
nvd
CVE-2021-30201P3HIGHCVSS 7.5fixed in 9.5.62021-07-09
CVE-2021-30201 [HIGH] CWE-611 CVE-2021-30201: The API /vsaWS/KaseyaWS.asmx can be used to submit XML to the system. When this XML is processed (ex
The API /vsaWS/KaseyaWS.asmx can be used to submit XML to the system. When this XML is processed (external) entities are insecurely processed and fetched by the system and returned to the attacker. Detailed description Given the following request: ``` POST /vsaWS/KaseyaWS.asmx HTTP/1.1 Content-Type: text/xml;charset=UTF-8 Host: 192.168.1.194:18081 Con
nvd
CVE-2021-30121P3MEDIUMCVSS 6.5fixed in 9.5.62021-07-09
CVE-2021-30121 [MEDIUM] CVE-2021-30121: Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webse
Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: `https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\Kaseya\WebPages\dl.asp` A valid sessionId is required but can be easily obtained via CVE-2021-30118
nvd
CVE-2019-14510P4MEDIUMCVSS 6.7≤ 9.5.0.222019-10-11
CVE-2019-14510 [MEDIUM] CWE-276 CVE-2019-14510: An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration, th
An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration, the LAN Cache feature creates a local account FSAdminxxxxxxxxx (e.g., FSAdmin123456789) on the server that hosts the LAN Cache and all clients that are assigned to a LAN Cache. This account is placed into the local Administrators group of all clients as
nvd