CVE-2021-33990

Liferay Portal 6.2.5 - Insecure Permissions

Severity Score

9.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders.html exists. NOTE: The vendor disputes this issue because the exploit reference link only shows frmfolders.html is accessible and does not demonstrate how an unauthorized user can upload a file.

Liferay Portal version 6.2.5 suffers from an insecure permissions vulnerability.

*Credits: N/A

CVSS Scores

NISTv3.1 9.8

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2021-06-07 CVE Reserved
2023-04-05 CVE Published
2023-04-05 First Exploit
2024-08-04 CVE Updated
2024-09-13 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-281: Improper Preservation of Permissions

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC
https://www.exploit-db.com/exploits/51244	2023-04-05
http://packetstormsecurity.com/files/171701/Liferay-Portal-6.2.5-Insecure-Permissions.html	2024-08-04
https://github.com/fu2x2000/Liferay_exploit_Poc	2024-08-04

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Liferay Search vendor "Liferay"		Liferay Portal Search vendor "Liferay" for product "Liferay Portal"				6.2.5 Search vendor "Liferay" for product "Liferay Portal" and version "6.2.5"		-		Affected