Authorization Bypass Vulnerability in TadTools Special Page Allows Remote File Deletion

Authorization Bypass Vulnerability in TadTools Special Page Allows Remote File Deletion

CVE-2021-41975 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

TadTools special page is vulnerable to authorization bypass, thus remote attackers can use the specific parameter to delete arbitrary files in the system without logging in.

Learn more about our Web Application Penetration Testing UK.