CVE-2021-27183

Published: Apr 14, 2021Modified: Jun 17, 2026

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write vulnerability. An attacker is able to create new files in any location of the filesystem, or he may be able to modify existing files. This vulnerability may directly lead to Remote Code Execution.

Affected (1)

Products: Altn: Mdaemon

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Altn Mdaemon	Before 20.0.4

Related CWEs

Externally Controlled Reference to a Resource in Another Sphere

The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.

References (4)

https://github.com/chudyPB/MDaemon-Advisories

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.altn.com/Support/SecurityUpdate/MD011221_MDaemon_EN/

Source: cve@mitre.org

Release NotesVendor Advisory

https://github.com/chudyPB/MDaemon-Advisories

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.altn.com/Support/SecurityUpdate/MD011221_MDaemon_EN/

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

Timeline

No history available yet.