LARAVEL <= V8.4.2 DEBUG MODE - REMOTE CODE EXECUTION Vulnerability CVE-2021-3129 Scanner

Details
Stay Up To Date
Asset Type

DOMAIN,IP,URL

Need Membership

Yes

Asset Verify

Yes

API Support

Yes

Estimate Time (Second)

15

LARAVEL <= V8.4.2 DEBUG MODE - REMOTE CODE EXECUTION Vulnerability CVE-2021-3129 Scanner Detail

Laravel, Ignition before 2.5.2 allows unauthenticated remote attackers to execute arbitrary code.

Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.

Some Advice for Common Problems

You should update to latest version.

Community Discussions

Need a Full Assesment?

Get help from professional hackers. Learn about our penetration test service now!

Request Pentest Service