CVE-2021-28940

EPSS 4.58% · P89 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-28940

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Because of a incorrect escaped exec command in MagpieRSS in 0.72 in the /extlib/Snoopy.class.inc file, it is possible to add a extra command to the curl binary. This creates an issue on the /scripts/magpie_debug.php and /scripts/magpie_simple.php page that if you send a specific https url in the RSS URL field, you are able to execute arbitrary commands.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

MagpieRSS 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

MagpieRSS in 0.72 存在安全漏洞，该漏洞源于/extlib/Snoopy.class.inc命令转义错误，攻击者可利用该漏洞执行任意命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-28940

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-28940

请登录查看更多情报信息。

https://github.com/kellan/magpierss/blob/04d2a88b97fdba5813d01dc0d56c772d97360bb5/extlib/Snoopy.class.inc#L660x_refsource_MISC
https://www.exploit-db.com/exploits/49643x_refsource_MISC
https://pastebin.com/kpzHKKJux_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2021-28940

Same Patch Batch · n/a · 2021-04-02 · 35 CVEs total

CVE-2021-28113	6.7 MEDIUM	Okta Access Gateway 操作系统命令注入漏洞
CVE-2021-29011		DMA Softlab Radius Manager 跨站脚本漏洞
CVE-2019-20465		de Consumentenbond Sannce Smart HD Baby Monitor 安全漏洞
CVE-2019-20464		de Consumentenbond Sannce Smart HD Baby Monitor 授权问题漏洞
CVE-2019-20463		de Consumentenbond Sannce Smart HD Baby Monitor 安全漏洞
CVE-2021-28124		Cohesity DataPlatform 访问控制错误漏洞
CVE-2021-28123		Cohesity DataPlatform 信任管理问题漏洞
CVE-2021-29652		Caleb Doxsey Pomerium 输入验证错误漏洞
CVE-2021-29651		Caleb Doxsey Pomerium 输入验证错误漏洞
CVE-2019-20466		de Consumentenbond Sannce Smart HD Baby Monitor 安全漏洞
CVE-2021-29012		DMA Softlab Radius Manager 授权问题漏洞
CVE-2021-25894		Magnolia CMS 跨站脚本漏洞
CVE-2021-25893		Magnolia CMS 跨站脚本漏洞
CVE-2021-30000		SOURCEFORGE 组织 SOURCEFORGE LATRIX SQL注入漏洞
CVE-2021-30003		Nokia G-120W-F 跨站脚本漏洞
CVE-2021-30002		Linux kernel 安全漏洞
CVE-2021-30004		wpa_supplicant and hostapd 输入验证错误漏洞
CVE-2021-29661		Softing AG OPC Toolbox 跨站脚本漏洞
CVE-2020-27600		D-Link Router 操作系统命令注入漏洞
CVE-2020-21590		WUZHI CMS 路径遍历漏洞

Showing top 20 of 35 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-28940

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-28940

I. Basic Information for CVE-2021-28940

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-28940

III. Intelligence Information for CVE-2021-28940

Same Patch Batch · n/a · 2021-04-02 · 35 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-28940

Leave a comment