Arbitrary Command Execution Vulnerability in Gerapy Prior to 0.9.9

Arbitrary Command Execution Vulnerability in Gerapy Prior to 0.9.9

CVE-2021-32849 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds.

Learn more about our User Device Pen Test.