CVE-2021-25631


Denylist of executable filename extensions possible to bypass under Windows

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.



We have discovered 135 live websites that are affected by CVE-2021-25631.





Affected Software

Product: LibreOffice
Category: Content Management System
Vulnerable Versions:
  • from 7 before 7.0.5
  • from 7.1 before 7.1.2
Total Vulnerable Versions: 195
Vulnerable Domains: 135 live websites (4.00% of LibreOffice install base)


Common Weakness Enumeration


CWE-184 Incomplete List of Disallowed Inputs



Details

  • Published - Apr 15, 2021
  • Updated - May 3, 2021

Credits

  • Lukas Euler of Positive Security





Countries

  • United States: 34 websites
  • Germany: 31 websites
  • France: 12 websites
  • Italy: 9 websites
  • Brazil: 4 websites
  • Czech Republic: 4 websites
  • Spain: 4 websites
  • GB: 4 websites
  • Sweden: 4 websites
  • Canada: 3 websites

TLDs

  • .com: 42 websites
  • .de: 28 websites
  • .org: 8 websites
  • .it: 6 websites
  • .fr: 5 websites
  • .cz: 4 websites
  • .se: 4 websites
  • .co.uk: 3 websites
  • .com.br: 3 websites
  • .edu: 3 websites


Websites affected by CVE-2021-25631

Top websites that are affected by CVE-2021-25631.