CVE-2021-42237
Description
Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve remote command execution on the machine. No authentication or special configuration is required to exploit this vulnerability.
NVD
Severity: CRITICAL
CVE ID: CVE-2021-42237
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2021-42237
Refrence: Project Discovery GitHub
ItsIgnacioPortal
An exploit/PoC for CVE-2021-42237
Refrence: GitHub
vesperp
Refrence: GitHub
crankyyash
For detection of sitecore RCE - CVE-2021-42237
Refrence: GitHub