CVE-2021-29461

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-29461

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-29461.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-29461

Related

GHSA-3m9v-v33c-g83x

Published

2021-04-20T20:15:08Z

Modified

2025-01-08T08:04:00.154267Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Discord Recon Server is a bot that allows one to do one's reconnaissance process from one's Discord. A vulnerability in Discord Recon Server prior to 0.0.3 could be exploited to read internal files from the system and write files into the system resulting in remote code execution. This issue has been fixed in version 0.0.3. As a workaround, one may copy the code from assets/CommandInjection.py in the Discord Recon Server code repository and overwrite vulnerable code from one's own Discord Recon Server implementation with code that contains the patch.

References

https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-3m9v-v33c-g83x

Affected packages

Git / github.com/demon1a/discord-recon

Affected ranges

Type: GIT
Repo: https://github.com/demon1a/discord-recon
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

26e2a084679679cccdeeabbb6889ce120eff7e50

Affected versions

0.*

0.0.1

0.0.2