CVE-2021-43778
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2021-43778. We'll provide specific mitigation strategies based on your environment and risk profile.
CVSS Score
V3.1EPSS Score
v2025.03.14There is a 84.2% chance that this vulnerability will be exploited in the wild within the next 30 days.
Attack Vector Metrics
Impact Metrics
Description
Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. This issue was patched in version 2.6.1. As a workaround, delete the `front/send.php` file.
Available Exploits
GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability.
Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability.
References:
- https://github.com/AK-blank/CVE-2021-43778
- https://nvd.nist.gov/vuln/detail/CVE-2021-43778
- https://github.com/pluginsGLPI/barcode/security/advisories/GHSA-2pjh-h828-wcw9
- https://github.com/pluginsGLPI/barcode/releases/tag/2.6.1
- https://github.com/pluginsGLPI/barcode/commit/428c3d9adfb446e8492b1c2b7affb3d34072ff46