Discord Recon
CVE-2021-21433
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Remote code execution in version 0.0.1 would allow remote users to execute commands on the server resulting in serious issues. This flaw is patched in 0.0.2.
AnalysisAI
Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Technical ContextAI
This vulnerability is classified as Code Injection (CWE-94), which allows attackers to inject and execute arbitrary code within the application. Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Remote code execution in version 0.0.1 would allow remote users to execute commands on the server resulting in serious issues. This flaw is patched in 0.0.2. Affected products include: Demon1A Discord-Recon. Version information: version 0.0.1.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Never evaluate user-controlled input as code. Use sandboxing, disable dangerous functions, apply strict input validation.
More in Discord Recon
View allDiscord-Recon is a bot for the Discord chat service. Rated critical severity (CVSS 9.8), this vulnerability is remotely
Discord Recon Server is a bot that allows one to do one's reconnaissance process from one's Discord. Rated high severity
Discord-Recon is a bot for the Discord chat service. Rated high severity (CVSS 7.5), this vulnerability is remotely expl
Discord-Recon is a Discord bot created to automate bug bounty recon, automated scans and information gathering via a dis
Same weakness CWE-94 – Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today