CVE-2021-47921

Sažetak

Free Photo & Video Vault 0.0.2 contains a directory traversal web vulnerability that allows remote attackers to manipulate application path requests and access sensitive system files. Attackers can exploit the vulnerability without privileges to retrieve environment variables and access unauthorized system paths.

Reference

https://apps.apple.com/us/app/free-photo-video-vault-wifi-transfer/id981034501
https://www.vulncheck.com/advisories/free-photo-video-vault-directory-traversal-vulnerability-via-web-request
https://www.vulnerability-lab.com/get_content.php?id=2271
https://www.vulnerability-lab.com/get_content.php?id=2271

CVSS

Base:	6.5
Impact:	3.6
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	NONE	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Zadnje važnije ažuriranje

03-02-2026 - 17:15

Objavljeno

01-02-2026 - 13:15