← Volver a CVEs
CVE-2021-47788
HIGH8.8
Descripcion
WebsiteBaker 2.13.0 contains an authenticated remote code execution vulnerability that allows users with language editing permissions to execute arbitrary code. Attackers can exploit the language installation endpoint by manipulating language installation parameters to achieve remote code execution on the server.
Detalles CVE
Puntuacion CVSS v3.18.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado1/16/2026
Ultima modificacion1/30/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
websitebaker:websitebaker
Debilidades (CWE)
CWE-434
Referencias
https://websitebaker.org/(disclosure@vulncheck.com)
https://www.exploit-db.com/exploits/50310(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/websitebaker-remote-code-execution-rce-authenticated(disclosure@vulncheck.com)
https://www.exploit-db.com/exploits/50310(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.