CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Oct 9, 2023
High
CISA KEVRansomwareCVE-2021-3129
Laravel—Ignition
Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents().
Required Action
https://github.com/facade/ignition/releases/tag/2.5.2; https://nvd.nist.gov/vuln/detail/CVE-2021-3129
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Known
- Published
- Sep 18, 2023
- KEV Added
- Sep 18, 2023
- Due Date
- Oct 9, 2023
- Related Articles
- 0
Vendor
Laravel
Ignition