An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular expression (intended to match local https URLs) lacks an initial ^ character, courier/web/1000@/wmProgressval.html allows SSRF attacks with a file:///etc/passwd#https:// URL pattern.
Max CVSS: 10.0
EPSS Score: 0.41%
Published: 2017-05-05
Updated: 2017-05-17

CVE-2021-27104

Known exploited
Used for ransomware
Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later.
Max CVSS: 10.0
EPSS Score: 1.45%
Published: 2021-02-16
Updated: 2021-02-17
CISA KEV Added: 2021-11-03

CVE-2015-2857

Public exploit
Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter.
Max CVSS: 9.8
EPSS Score: 96.00%
Published: 2017-08-22
Updated: 2020-09-09
SQL injection vulnerability in home/seos/courier/security_key2.api on the Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote attackers to execute arbitrary SQL commands via the client_id parameter.
Max CVSS: 9.8
EPSS Score: 0.14%
Published: 2016-05-07
Updated: 2016-05-10
An issue was discovered on Accellion FTA devices before FTA_9_12_180. seos/1000/find.api allows Remote Code Execution with shell metacharacters in the method parameter.
Max CVSS: 9.8
EPSS Score: 1.81%
Published: 2017-05-05
Updated: 2019-10-03
An issue was discovered on Accellion FTA devices before FTA_9_12_180. A report_error.php?year='payload SQL injection vector exists.
Max CVSS: 9.8
EPSS Score: 0.21%
Published: 2017-05-05
Updated: 2017-05-17
An issue was discovered on Accellion FTA devices before FTA_9_12_180. The home/seos/courier/ldaptest.html POST parameter "filter" can be used for LDAP Injection.
Max CVSS: 9.8
EPSS Score: 0.82%
Published: 2017-05-05
Updated: 2017-05-17
An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because mysql_real_escape_string is misused, seos/courier/communication_p2p.php allows SQL injection with the app_id parameter.
Max CVSS: 9.8
EPSS Score: 0.21%
Published: 2017-05-05
Updated: 2017-05-17
Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-798: Use of Hard-coded Credentials.
Max CVSS: 9.8
EPSS Score: 0.22%
Published: 2020-04-29
Updated: 2020-05-07
Accellion File Transfer Appliance version FTA_8_0_540 suffers from an instance of CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection').
Max CVSS: 9.8
EPSS Score: 0.31%
Published: 2020-04-29
Updated: 2021-09-14

CVE-2021-27101

Known exploited
Used for ransomware
Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later.
Max CVSS: 9.8
EPSS Score: 0.76%
Published: 2021-02-16
Updated: 2021-02-17
CISA KEV Added: 2021-11-03

CVE-2021-27103

Known exploited
Used for ransomware
Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later.
Max CVSS: 9.8
EPSS Score: 1.22%
Published: 2021-02-16
Updated: 2021-02-17
CISA KEV Added: 2021-11-03
Accellion FTA 9_12_432 and earlier is affected by argument injection via a crafted POST request to an admin endpoint. The fixed version is FTA_9_12_444 and later.
Max CVSS: 9.8
EPSS Score: 0.28%
Published: 2021-03-02
Updated: 2021-03-05
Accellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program.
Max CVSS: 9.0
EPSS Score: 0.33%
Published: 2010-02-19
Updated: 2017-08-17
Static code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string.
Max CVSS: 9.0
EPSS Score: 0.18%
Published: 2010-02-19
Updated: 2010-02-22
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote authenticated users to execute arbitrary commands by leveraging the YUM_CLIENT restricted-user role.
Max CVSS: 8.8
EPSS Score: 0.16%
Published: 2016-05-07
Updated: 2016-05-09
An issue was discovered on Accellion FTA devices before FTA_9_12_180. By sending a POST request to home/seos/courier/web/wmProgressstat.html.php with an attacker domain in the acallow parameter, the device will respond with an Access-Control-Allow-Origin header allowing the attacker to have site access with a bypass of the Same Origin Policy.
Max CVSS: 8.8
EPSS Score: 0.25%
Published: 2017-05-05
Updated: 2019-10-03
Accellion Kiteworks before 7.4.0 allows an authenticated user to perform SQL Injection via LDAPGroup Search.
Max CVSS: 8.8
EPSS Score: 0.10%
Published: 2021-06-23
Updated: 2021-06-25
courier/1000@/api_error_email.html (aka "error reporting page") in Accellion File Transfer Appliance FTA_7_0_178, and possibly other versions before FTA_7_0_189, allows remote attackers to send spam e-mail via modified description and client_email parameters.
Max CVSS: 7.8
EPSS Score: 2.20%
Published: 2009-08-19
Updated: 2017-08-17
Directory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
Max CVSS: 7.8
EPSS Score: 1.17%
Published: 2010-02-19
Updated: 2017-08-17
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows local users to add an SSH key to an arbitrary group, and consequently gain privileges, via unspecified vectors.
Max CVSS: 7.8
EPSS Score: 0.04%
Published: 2016-05-07
Updated: 2016-05-10
Accellion Kiteworks appliances before kw2016.03.00 use setuid-root permissions for /opt/bin/cli, which allows local users to gain privileges via unspecified vectors.
Max CVSS: 7.8
EPSS Score: 0.04%
Published: 2016-08-26
Updated: 2016-11-28

CVE-2021-27102

Known exploited
Used for ransomware
Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA_9_12_416 and later.
Max CVSS: 7.8
EPSS Score: 0.08%
Published: 2021-02-16
Updated: 2021-02-19
CISA KEV Added: 2021-11-03

CVE-2015-2856

Public exploit
Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. (dot dot) in the statecode cookie.
Max CVSS: 7.5
EPSS Score: 97.07%
Published: 2017-10-10
Updated: 2017-10-23
Accellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that run with extra sudo privileges, which allows local administrators to gain privileges via (1) arbitrary arguments in the --file_move action in /usr/local/bin/admin.pl, or a hard link attack in (2) chmod or (3) a certain cp command.
Max CVSS: 7.2
EPSS Score: 0.10%
Published: 2010-02-19
Updated: 2017-08-17
42 vulnerabilities found