cvedb.io
CVE-2021-35261
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2023-02-17T18:15:11.620 · Last modified 2026-06-17T03:57:23.703

Summary

File Upload Vulnerability in Yupoxion BearAdmin before commit 10176153528b0a914eb4d726e200fd506b73b075 allows attacker to execute arbitrary remote code via the Upfile function of the extend/tools/Ueditor endpoint.

Affected products

bearadmin_project — bearadmin

Does this affect you?

Add your gear to cvedb and we'll alert you only when bearadmin_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.