CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 18:42:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
CVEs-PoC/2021/CVE-2021-29100.md
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

18 lines
940 B
Markdown
Raw Permalink Blame History

### [CVE-2021-29100](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29100)
![](https://img.shields.io/static/v1?label=Product&message=ArcGIS%20Earth&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=1.11%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-23%20Relative%20Path%20Traversal&color=brightgreen)
### Description
A path traversal vulnerability exists in Esri ArcGIS Earth versions 1.11.0 and below which allows arbitrary file creation on an affected system through crafted input. An attacker could exploit this vulnerability to gain arbitrary code execution under security context of the user running ArcGIS Earth by inducing the user to upload a crafted file to an affected system.
### POC
#### Reference
- https://www.esri.com/arcgis-blog/products/arcgis-earth/administration/arcgis-earth-security-update
#### Github
No PoCs found on GitHub currently.
Reference in New Issue View Git Blame Copy Permalink