🔴 CVE-2021-21311

Adminer, a popular PHP-based database management tool, contains an SSRF vulnerability (CWE-918) that allows unauthenticated attackers to make server-side requests. This vulnerability is actively exploited in the wild and listed in CISA's KEV catalog.

Risk Level: HIGH_RISK

CVSS Score: 7.2

Attack Vector: NETWORK

ATT&CK Tactic: Initial Access

ATT&CK Technique: T1190 — Exploit Public-Facing Application

Deployment Risk: HIGH

Ransomware: No

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

CVE Published: 2021-02-11

Added to CISA KEV: 2025-09-29 (1691 days between CVE publication and KEV listing)

🎯 Recommendations:

🔍 Web Intelligence (Kagi · 2026-06-04)

CVE-2021-21311 is a high-severity Server-Side Request Forgery (SSRF) vulnerability affecting the Adminer database management tool [3].

Vulnerability Overview
  • Affected Product: Adminer (a popular database management tool).
  • Affected Versions: Versions 4.0.0 through 4.7.8 are vulnerable [4].
  • Status: The vulnerability was addressed in version 4.7.9 [3]. Users are strongly advised to update to the latest version to mitigate risk [1].
Exploitation and Impact
  • Attack Method: The vulnerability is a Server-Side Request Forgery (SSRF) flaw. It allows a remote attacker to force the server hosting Adminer to make unauthorized requests to arbitrary destinations [1].
  • Requirements: It is exploitable via the network with low complexity [3].
  • Impact: Successful exploitation can lead to:
    * Data Exfiltration: Accessing and retrieving sensitive information from internal systems or services that are otherwise unreachable from the outside [1].
    * Internal Network Reconnaissance: Mapping out the internal network structure [1].
    * Further Exploitation: Serving as a pivot point for more severe attacks depending on the internal network configuration [1].
Threat Landscape
  • Active Exploitation: The vulnerability is listed in CISA's Known Exploited Vulnerabilities (KEV) Catalog, indicating it has been exploited in the wild, but public security advisories give few specifics about its use in ransomware campaigns or by particular threat actors [2].
  • Proof-of-Concept: Public information regarding the availability of specific exploit tools or proof-of-concept code is limited, though the nature of the vulnerability is well-understood by the security community [1].

Sources

  1. CVE-2021-21311 - Exploits & Severity - Feedly

    Threat Intelligence Report CVE-2021-21311 is a critical vulnerability in the database administration software Adminer, published in February 2021. The vulnerability allows remote attackers to execute arbitrary code on the server. There are currently no known proof-of-concept exploits, but users are…

  2. CVE-2021-21311 Detail - NVD

    This CVE is in CISA's Known Exploited Vulnerabilities Catalog. Reference CISA's BOD 22-01 and Known Exploited Vulnerabilities Catalog for further guidance and ...

  3. CVE-2021-21311 | High Vulnerability in Adminer

    High-severity server-side request forgery in Adminer. Exploitable via network with low complexity. Patch to prevent sensitive data exposure. ... The vulnerability identified as CVE-2021-21311 allows for server-side request forgery. This issue specifically affects Adminer versions prior to 4.7.9. The…

  4. CVE-2021-21311: Adminer SSRF Vulnerability - SentinelOne

    CVE-2021-21311 is a server-side request forgery flaw in Adminer database management tool that affects versions 4.0.0 to 4.7.8. This article covers the technical details, affected versions, security impact, and mitigation. Published: February 25, 2026 ... CVE-2021-21311 is a server-side request forge…