CVE-2021-21433 CRITICAL

CVE-2021-21433: Remote code execution on discord-recon .dirsearch and .arjun commands due to improper input validation

Vendor Demon1A
Product Discord-Recon
Weakness CWE-94 · Code injection
Published April 9, 2021
Last update August 3, 2024

CVSS base score

9.9/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H

What the vulnerability does

01Description

Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Remote code execution in version 0.0.1 would allow remote users to execute commands on the server resulting in serious issues. This flaw is patched in 0.0.2.

Key dates

02Disclosure timeline

April 9, 2021 CVE published
August 3, 2024 Record updated