CVE-2021-22698 - AskarLabs CVE Database

CVE-2021-22698

Vendor N/A

Product EcoStruxure Power Build - Rapsody software V2.1.13 and prior.

Weakness CWE-434 · Unrestricted file upload

Published January 25, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.

Key dates

02Disclosure timeline

January 25, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-22698 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/434.html

Related vulnerabilities

04Related CVE

CVE-2023-1970 yuan1994 tpAdmin Upload.php Upload unrestricted upload CVE-2024-0783 Project Worlds Online Admission System documents.php unrestricted upload CVE-2021-21344 XStream is vulnerable to an Arbitrary Code Execution attack CVE-2025-8120 Remote Code Execution via Unrestricted File Upload in PAD CMS CVE-2024-13359 Product Input Fields for WooCommerce <= 1.12.0 - Unauthenticated Limited File Upload