KEVIntel
Back to KEVs
9.8
CVSS
Critical

CVE-2021-42237

PUBLISHED

Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve...

Exploited in the wild Used in malware Remote Low complexity No user interaction
Vendor
Sitecore
Product
Sitecore XP
Published
Nov 05, 2021
EPSS

Description

Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve remote command execution on the machine. No authentication or special configuration is required to exploit this vulnerability.

cisa malware ransomware nuclei_scanner metasploit

CVSS scores

CVSS v3.1 9.8 Critical

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2.0 10.0

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitation status

Exploited in the wild

Recorded 2022-03-25 00:00:00 UTC · Source

Used in malware

Recorded 2022-03-25 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
Yes
Technical impact
total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Mar 25, 2022

Scanner integrations

Scanner Reference Detected
Metasploit https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/sitecore_xp_cve_2021_42237.rb Apr 28, 2025
Nuclei https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-42237.yaml Apr 25, 2025

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

sitecore_xp_cve_2021_42237

metasploit · Created Unknown

Metasploit module for CVE-2021-42237

ItsIgnacioPortal/CVE-2021-42237

github · Created 2022-01-16 05:22:30 UTC · 12 stars

An exploit/PoC for CVE-2021-42237

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Exploit Used in Malware

  • Added to KEVIntel

  • Detected by Nuclei

  • Detected by Metasploit