Vsa
CVE-2021-30121
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\Kaseya\WebPages\dl.asp A valid sessionId is required but can be easily obtained via CVE-2021-30118
AnalysisAI
Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\Kaseya\WebPages\dl.asp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Technical ContextAI
This vulnerability is classified under CWE-829. Semi-authenticated local file inclusion The contents of arbitrary files can be returned by the webserver Example request: https://x.x.x.x/KLC/js/Kaseya.SB.JS/js.aspx?path=C:\Kaseya\WebPages\dl.asp A valid sessionId is required but can be easily obtained via CVE-2021-30118 Affected products include: Kaseya Vsa.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
An attacker can upload files with the privilege of the Web Server process for Kaseya VSA Unified Remote Monitoring & Man
The API /vsaWS/KaseyaWS.asmx can be used to submit XML to the system. Rated high severity (CVSS 7.5), this vulnerability
An issue was discovered in Kaseya VSA RMM through 9.5.0.22. Rated medium severity (CVSS 6.7), this vulnerability is low
Authenticated reflective XSS in HelpDeskTab/rcResults.asp The parameter result of /HelpDeskTab/rcResults.asp is insecure
The API call /InstallTab/exportFldr.asp is vulnerable to a semi-authenticated boolean-based blind SQL injection in the p
Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement. Rated high severity (CVSS 7.5), this vulnerabili
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today