CVE-2021-43778 Scanner
Detects 'Path Traversal' vulnerability in pluginsGLPI barcode affects v. from 2.x prior to 2.6.1.
Short Info
Level
Critical
Type
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Url
Parent Category
CVE-2021-43778 Scanner Detail
GLPI Barcode plugin is a useful tool designed for printing barcodes and QR codes. This plugin is used in GLPI instances version 2.x. Its multiple features make the barcode management process streamlined and efficient. The barcodes are extremely important for product identification and inventory management. The plugin makes it easier for individuals and organizations to keep track of their assets, saving them valuable time and minimizing the likelihood of error.
CVE-2021-43778 vulnerability has been detected in the GLPI Barcode plugin. This vulnerability specifically targets version 2.x prior to version 2.6.1. The vulnerability allows an attacker to exploit a path traversal vulnerability in the system. Path traversal is a technique that allows attackers to gain unauthorized access to directories. In the GLPI Barcode plugin, the vulnerability is present in the send.php file. This file can be exploited by attackers to gain unauthorized access to sensitive information.
When exploited, this vulnerability can lead to serious consequences. Attackers can gain access to sensitive information, such as customer data, product information, and financial data. The attacker can also inject malware and scripts in the system, giving them access to unauthorized control over the system. This can result in loss of data, system downtime, and financial loss.
By using the pro features of the securityforeveryone.com platform, users can easily and quickly learn about vulnerabilities in their digital assets. This platform provides a comprehensive vulnerability assessment that helps identify vulnerabilities on the system. Users can also access detailed reports based on their individual needs. The platform helps users to stay secure with minimal effort and minimal risk of exposure. It is the perfect solution for organizations that require an easy, cost-effective, and reliable way to maintain their security posture.
REFERENCES
- https://github.com/hansmach1ne/MyExploits/tree/main/Path%20Traversal%20in%20GLPI%20Barcode%20plugin
- https://github.com/pluginsGLPI/barcode/commit/428c3d9adfb446e8492b1c2b7affb3d34072ff46
- https://github.com/pluginsGLPI/barcode/releases/tag/2.6.1
- https://github.com/pluginsGLPI/barcode/security/advisories/GHSA-2pjh-h828-wcw9
control security posture