March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple Node.js Vulnerabilities
April 20, 2021Rewterz Threat Advisory – CVE-2021-22893 – Pulse Connect Secure RCE Vulnerability
April 21, 2021Rewterz Threat Advisory – Multiple Node.js Vulnerabilities
April 20, 2021Rewterz Threat Advisory – CVE-2021-22893 – Pulse Connect Secure RCE Vulnerability
April 21, 2021
Severity
High
Analysis Summary
CVE-2021-29461
A remote authenticated attacker could send a specially-crafted URL request using the tools arguments to specify a malicious file from the local system, which could allow the attacker to read and write files on the system. In order to exploit this vulnerability to execute arbitrary code using a local file, the attacker would first be required to upload a malicious file or inject arbitrary commands into an existing file. Discord-Recon could allow a remote attacker to include arbitrary files.
Impact
Gain Unauthorized Access
Affected Vendors
Discord
Affected Products
Discord-Recon 0.0.2
Remediation
Upgrade to the latest version of Discord-Recon (0.0.3 or later), available from the discord-recon GIT Repository.