
Description

Longjing Technology BEMS API versions up to and including 1.21 contain an unauthenticated arbitrary file download vulnerability in the 'downloads' endpoint. The 'fileName' parameter is not properly sanitized, allowing attackers to supply path traversal sequences and read sensitive files outside the intended directory.

State: PUBLISHED | Reserved 2025-11-12 | Published 2025-11-12 | Updated 2025-11-13 | Assigner: VulnCheck

HIGH: 8.7 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)

Problem types

CWE-552 Files or Directories Accessible to External Parties

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status: unaffected

Any version: affected

Timeline

2021-07-27: ZSL-2021-5657 is publicly disclosed.

Credits

Gjoko Krstic of Zero Science Lab (finder)

References

www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5657.php (technical-description, exploit)

www.exploit-db.com/exploits/50163 (exploit)

packetstormsecurity.com/files/163702 (exploit)

cxsecurity.com/issue/WLB-2021070173 (exploit)

exchange.xforce.ibmcloud.com/vulnerabilities/206477 (vdb-entry)

web.archive.org/web/20220527162453/http://www.ljkj2012.com/ (product)

www.vulncheck.com/...bems-api-remote-arbitrary-file-download (third-party-advisory)

cve.org (CVE-2021-4463)

nvd.nist.gov (CVE-2021-4463)
