CVE-2021-47812

CRITICAL EPSS 78.1%
Published Jan 16, 20265mo ago · Modified Jun 17, 20261w ago
9.3 CVSS 4.0
Critical
Find Similar
Published Jan 16, 2026 5mo ago
Last Modified Jun 17, 2026 1w ago

Description

GravCMS 1.10.7 contains an unauthenticated vulnerability that allows remote attackers to write arbitrary YAML configuration and execute PHP code through the scheduler endpoint. Attackers can exploit the admin-nonce parameter to inject base64-encoded payloads and create malicious custom jobs with system command execution.

CVSS Details

Base Score
9.3
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
78.1% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-862 Missing Authorization Authorization

Affected Products 1

VendorProductVersionRange
getgravgrav1.10.7any

References 3

  • getgrav.org https://getgrav.org
    Product
  • exploit-db.com https://www.exploit-db.com/exploits/49973
    Exploit
  • vulncheck.com https://www.vulncheck.com/advisories/gravcms-arbitrary-yaml-writeupdate-unauthenticated
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.