Description

In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when extracting a ZIP file, thus potentially causing files to be created or overwritten, subject to OS permissions.

Remediation

References

CVE-2021-21706

Related Vulnerabilities

WordPress Plugin Advanced Contact form 7 DB SQL Injection (1.6.0)

WordPress Plugin FB Survey Pro 'id' Parameter SQL Injection (1.0)

WordPress Plugin Ajax Search Lite Remote Command Execution (3.1)

MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-8974)

MySQL CVE-2022-21334 Vulnerability (CVE-2022-21334)

Severity

Medium

Classification

CVE-2021-21706 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities