Vulnerability Description
Kennnyshiwa-cogs contains cogs for Red Discordbot. An RCE exploit has been found in the Tickets module of kennnyshiwa-cogs. This exploit allows discord users to craft a message that can reveal sensitive and harmful information. Users can upgrade to version 5a84d60018468e5c0346f7ee74b2b4650a6dade7 to receive a patch or, as a workaround, unload tickets to render the exploit unusable.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kennnyshiwa-Cogs Project | Kennnyshiwa-Cogs | < 2021-05-05 |
Related Weaknesses (CWE)
References
- https://github.com/kennnyshiwa/kennnyshiwa-cogs/commit/5a84d60018468e5c0346f7ee7
- https://github.com/kennnyshiwa/kennnyshiwa-cogs/security/advisories/GHSA-f4j2-2cPatchThird Party Advisory
- https://github.com/kennnyshiwa/kennnyshiwa-cogs/commit/5a84d60018468e5c0346f7ee7
- https://github.com/kennnyshiwa/kennnyshiwa-cogs/security/advisories/GHSA-f4j2-2cPatchThird Party Advisory
FAQ
What is CVE-2021-29493?
CVE-2021-29493 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Kennnyshiwa-cogs contains cogs for Red Discordbot. An RCE exploit has been found in the Tickets module of kennnyshiwa-cogs. This exploit allows discord users to craft a message that can reveal sensiti...
How severe is CVE-2021-29493?
CVE-2021-29493 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-29493?
Check the references section above for vendor advisories and patch information. Affected products include: Kennnyshiwa-Cogs Project Kennnyshiwa-Cogs.