Security for everyone

CVE-2021-39433 Scanner

Detects 'Local File Inclusion (LFI)' vulnerability in BIQS IT Biqs-drive affects v. 1.83 and below.

SCAN NOW

Short Info


Level

High

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

CVE-2021-39433 Scanner Detail

BIQS IT Biqs-drive is a software used for file sharing and storage in businesses and organizations. It allows users to access and store files remotely, enabling hassle-free collaboration and seamless data management. The software offers several features such as file versioning, password protection, and file locking, which ensures secure data sharing and storage. 

However, recent security research has discovered a critical vulnerability in the system, designated as CVE-2021-39433. The local file inclusion (LFI) vulnerability in version BIQS IT Biqs-drive v1.83 and below is caused by a specific payload that is sent as the file parameter to download/index.php. This allows attackers to access and read arbitrary files from the server with permissions to the configured web-user account, enabling them to compromise the system and steal confidential information.

Exploitation of the vulnerability can result in a potential data breach and information leak that can cause severe reputational and financial damage to businesses and organizations. Attackers can gain access to sensitive data such as personal identifiable information, client data, and confidential business data, which can be used for identity theft, fraud, and other malicious activities.

Finally, with the pro feature of securityforeveryone.com, users can easily and quickly learn about vulnerabilities in their digital assets by subscribing to the platform. With detailed reports and insights on the latest vulnerabilities, users can take necessary precautions to prevent exploitation and ensure top-notch security for their digital assets.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture