← Voltar para CVEs
CVE-2021-47921
MEDIUM6.5
Descricao
Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.
Detalhes CVE
Pontuacao CVSS v3.16.5
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado2/1/2026
Ultima modificacao2/3/2026
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-22
Referencias
https://apps.apple.com/us/app/free-photo-video-vault-wifi-transfer/id981034501(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/free-photo-video-vault-directory-traversal-vulnerability-via-web-request(disclosure@vulncheck.com)
https://www.vulnerability-lab.com/get_content.php?id=2271(disclosure@vulncheck.com)
https://www.vulnerability-lab.com/get_content.php?id=2271(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.