{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T00:21:20.513","vulnerabilities":[{"cve":{"id":"CVE-2021-26639","sourceIdentifier":"vuln@krcert.or.kr","published":"2022-08-17T21:15:08.487","lastModified":"2024-11-21T05:56:38.693","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"This vulnerability is caused by the lack of validation of input values for specific functions if WISA Smart Wing CMS. Remote attackers can use this vulnerability to leak all files in the server without logging in system."},{"lang":"es","value":"Esta vulnerabilidad es causada por una falta de comprobación de los valores de entrada para funciones específicas si WISA Smart Wing CMS. Los atacantes remotos pueden usar esta vulnerabilidad para filtrar todos los archivos en el servidor sin entrar en el sistema."}],"metrics":{"cvssMetricV31":[{"source":"vuln@krcert.or.kr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"vuln@krcert.or.kr","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-494"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-494"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wisa:smart_wing_cms:*:*:*:*:*:*:*:*","versionEndExcluding":"r18715.20211229","matchCriteriaId":"09D11334-ECC6-482C-A43A-ABC42D3B6EB9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66875","source":"vuln@krcert.or.kr","tags":["Third Party Advisory"]},{"url":"https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66875","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}