CVE-2021-3374 Scanner

RStudio Shiny Server is a web application framework that is used for building interactive web applications with R. It allows users to easily create and deploy web applications that are built with R code and libraries. These web applications can be used for a wide range of purposes, including data visualization, statistical analysis, and machine learning.

However, recently a vulnerability has been detected in this framework, known as CVE-2021-3374. This vulnerability involves directory traversal in RStudio Shiny Server before version 1.5.16, which allows attackers to read the application source code by exploiting an encoded slash.

Exploiting this vulnerability can lead to serious consequences for users of the framework. Attackers can gain access to sensitive information and data that is stored within the web applications built with RStudio Shiny Server. This can include confidential business data, personal information of users, and other sensitive data that can be misused by the attacker.

At securityforeveryone.com, we understand the importance of protecting digital assets from vulnerabilities such as CVE-2021-3374. Our pro features enable users to quickly and easily identify vulnerabilities in their web applications and other digital assets. By leveraging our platform, users can proactively mitigate the risk of cybersecurity threats and protect their digital assets from malicious attackers. So, if you want to ensure the security of your web applications and digital assets, sign up for our pro features today!

REFERENCES

• https://blog.rstudio.com/2021/01/13/shiny-server-1-5-16-update/
• https://github.com/colemanjp/shinyserver-directory-traversal-source-code-leak