VDB
CVE-2021-21809
CVE-2021-21809
PUBLISHED
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
EPSS 72.90% · 98.8th percentile
Risk Scores
EPSS Score
72.90%
98.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | moodle | 3.10.0 |
| Bitnami | moodle | 3.10.0 |
Exploit Intelligence
- CVE-2021-21809 POC (github-poc-repo)
- CVE-2021-21809 POC (github-poc-repo)
- CVE-2021-21809 POC (github-poc-repo)
- CVE-2021-21809 POC (github-poc-repo)
- CVE-2021-21809 POC (github-poc-repo)
- CVE-2021-21809 POC (github-poc-repo)
- CVE-2021-21809 POC (github-poc-repo)
- CVE-2021-21809 POC (github-poc-repo)
- CVE-2021-21809 POC (github-poc)
- CVE-2021-21809 POC (github-poc)
…and 14 more exploits
Timeline
- Jun 23, 2021 CVE Published
- Jun 24, 2021 EPSS Score
- Oct 11, 2021 PoC Published
- Oct 12, 2021 EPSS Score
- Oct 13, 2021 PoC Published
- Oct 13, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Aug 24, 2022 CVE Updated
- Dec 20, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Oct 25, 2023 EPSS Score