### [CVE-2021-21809](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21809)
![](https://img.shields.io/static/v1?label=Product&message=Moodle&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=OS%20command%20injection&color=brighgreen)

### Description

A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.

### POC

#### Reference
- http://packetstormsecurity.com/files/164481/Moodle-SpellChecker-Path-Authenticated-Remote-Command-Execution.html
- https://talosintelligence.com/vulnerability_reports/TALOS-2021-1277

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/anldori/CVE-2021-21809
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/manas3c/CVE-POC
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/whoforget/CVE-POC
- https://github.com/youwizard/CVE-POC