CVE-2021-21433

moderate-risk
Published 2021-04-09

Discord Recon Server is a bot that allows you to do your reconnaissance process from your Discord. Remote code execution in version 0.0.1 would allow remote users to execute commands on the server resulting in serious issues. This flaw is patched in 0.0.2.

Do I need to act?

~
5.3% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
+
Fix available
Upgrade to: 26e2a084679679cccdeeabbb6889ce120eff7e50
9
CVSS 9.9/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Discord-Recon

Affected Vendors

Demon1A

References (6)

Patch https://github.com/DEMON1A/Discord-Recon/commit/26e2a084679679cccdeeabbb6889ce12...
Exploit https://github.com/DEMON1A/Discord-Recon/issues/6
Third Party Advisory https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-65fm-5x64-gv9x
Patch https://github.com/DEMON1A/Discord-Recon/commit/26e2a084679679cccdeeabbb6889ce12...
Exploit https://github.com/DEMON1A/Discord-Recon/issues/6
Third Party Advisory https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-65fm-5x64-gv9x
46
/ 100
moderate-risk
Severity 33/34 · Critical
Exploitability 8/34 · Low
Exposure 5/34 · Minimal