Severity
High
Analysis Summary
CVE-2021-42727
Adobe RoboHelp Server could allow a remote attacker to traverse directories on the system, caused by improper validation of user request. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to execute arbitrary code on the system.
Impact
- Information Theft
Affected Vendors
Adobe
Affected Products
- Adobe RoboHelp Server RHS2020.0.1
Remediation
Refer to Adobe Security Advisory for patch, upgrade, or suggested workaround information.