CVE-2021-29465

Discord-Recon is a bot for the Discord chat service. Versions of Discord-Recon 0.0.3 and prior contain a vulnerability in which a remote attacker is able to overwrite any file on the system with the command results. This can result in remote code execution when the user overwrite important files on the system. As a workaround, bot maintainers can edit their `setting.py` file then add `<` and `>` into the `RCE` variable inside of it to fix the issue without an update. The vulnerability is patched in version 0.0.4.

CVSS v3 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-6pp2-rpj3-jcjx	Mitigation Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:discord:discord-recon:*:*:*:*:*:*:*:*

History

18 Oct 2022, 20:49

Type	Values Removed	Values Added
CWE	~~CWE-94~~	CWE-78

27 Apr 2021, 20:11

Type	Values Removed	Values Added
CPE		cpe:2.3:a:discord:discord-recon::::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 7.5 v3 : 9.8
References	~~(CONFIRM) https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-6pp2-rpj3-jcjx -~~	(CONFIRM) https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-6pp2-rpj3-jcjx - Mitigation, Third Party Advisory

22 Apr 2021, 12:20

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-04-22 01:15

Updated : 2023-12-10 13:55

NVD link : CVE-2021-29465

Mitre link : CVE-2021-29465

CVE.ORG link : CVE-2021-29465

JSON object : View

Products Affected

discord

discord-recon

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-94

Improper Control of Generation of Code ('Code Injection')

{"id": "CVE-2021-29465", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 5.5, "exploitabilityScore": 2.8}]}, "published": "2021-04-22T01:15:07.697", "references": [{"url": "https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-6pp2-rpj3-jcjx", "tags": ["Mitigation", "Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Discord-Recon is a bot for the Discord chat service. Versions of Discord-Recon 0.0.3 and prior contain a vulnerability in which a remote attacker is able to overwrite any file on the system with the command results. This can result in remote code execution when the user overwrite important files on the system. As a workaround, bot maintainers can edit their `setting.py` file then add `<` and `>` into the `RCE` variable inside of it to fix the issue without an update. The vulnerability is patched in version 0.0.4."}, {"lang": "es", "value": "Discord-Recon es un bot para el servicio de chat Discord. Unas versiones de Discord-Recon versiones 0.0.3 y anteriores, contienen una vulnerabilidad en la que un atacante remoto puede sobrescribir cualquier archivo del sistema con los resultados del comando. Esto puede resultar en la ejecuci\u00f3n de c\u00f3digo remota cuando el usuario sobrescribe archivos importantes en el sistema. Como soluci\u00f3n alternativa, los encargados de mantenimiento de bots pueden editar su archivo \"setting.py\" y luego agregar\" (\"y\") \"en la variable\" RCE\" dentro de \u00e9l para solucionar el problema sin una actualizaci\u00f3n. La vulnerabilidad est\u00e1 parcheada en la versi\u00f3n 0.0.4"}], "lastModified": "2022-10-18T20:49:53.730", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:discord:discord-recon:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C16FC61-4C51-4BF4-A49B-815084946EF6", "versionEndExcluding": "0.0.4"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}