CVE-2021-3019

EPSS 92.26% · P100 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-3019

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

ffay lanproxy 0.1 allows Directory Traversal to read /../conf/config.properties to obtain credentials for a connection to the intranet.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Ffay Lanproxy 路径遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Ffay Lanproxy是Ffay个人开发者的一个可将局域网内服务代理到公网的内网穿透工具。 ffay lanproxy 0.1 存在路径遍历漏洞，该漏洞允许目录遍历读取/../conf/config.properties来获取到内部网连接的凭据。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-3019

#	POC Description	Source Link	Shenlong Link
1	lanproxy 目录遍历漏洞批量检测 (CVE-2021-3019)	https://github.com/B1anda0/CVE-2021-3019	POC Details
2	CVE-2021-3019 lanproxy目录遍历任意文件读取漏洞探测POC	https://github.com/0xf4n9x/CVE-2021-3019	POC Details
3	lanproxy 目录遍历漏洞批量检测用户名密码POC (CVE-2021-3019)	https://github.com/Maksim-venus/CVE-2021-3019	POC Details
4	[CVE-2021-3019] LanProxy Directory Traversal	https://github.com/murataydemir/CVE-2021-3019	POC Details
5	lanproxy(CVE-2021-3019)目录遍历	https://github.com/Aoyuh/cve-2021-3019	POC Details
6	None	https://github.com/givemefivw/CVE-2021-3019	POC Details
7	None	https://github.com/qiezi-maozi/CVE-2021-3019-Lanproxy	POC Details
8	CVE-2021-3019	https://github.com/a1665454764/CVE-2021-3019	POC Details
9	ffay lanproxy 0.1 is susceptible to a directory traversal vulnerability that could let attackers read /../conf/config.properties to obtain credentials for a connection to the intranet.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-3019.yaml	POC Details
10	None	https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Lanproxy%20%E7%9B%AE%E5%BD%95%E9%81%8D%E5%8E%86%E6%BC%8F%E6%B4%9E%20CVE-2021-3019.md	POC Details
11	None	https://github.com/chaitin/xray-plugins/blob/main/poc/manual/lanproxy-cve-2021-3019-lfi.yml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-3019

请登录查看更多情报信息。

https://github.com/maybe-why-not/lanproxy/issues/1x_refsource_MISC
https://github.com/ffay/lanproxy/commits/masterx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2021-3019

Same Patch Batch · n/a · 2021-01-05 · 31 CVEs total

CVE-2020-36158	8.8 HIGH	Linux kernel 安全漏洞
CVE-2020-36066	7.5 HIGH	Tidwall Gjson 安全漏洞
CVE-2020-36067	7.5 HIGH	Tidwall Gjson 输入验证错误漏洞
CVE-2020-36159	5.3 MEDIUM	Veritas Desktop and Laptop Option 信息泄露漏洞
CVE-2020-27845		OpenJPEG 缓冲区错误漏洞
CVE-2021-3026		Invision Community 跨站脚本漏洞
CVE-2020-23249		Gigamon GigaVUE-OS 安全漏洞
CVE-2020-23250		Gigamon GigaVUE-OS 加密问题漏洞
CVE-2020-36051		MiniCMS 路径遍历漏洞
CVE-2020-36052		MiniCMS 路径遍历漏洞
CVE-2019-20484		Viki Solutions Viki Vera 访问控制错误漏洞
CVE-2019-20483		Viki Solutions Viki Vera 跨站脚本漏洞
CVE-2020-29437		Orangehrm SQL注入漏洞
CVE-2021-22492		多款 Samsung 产品缓冲区错误漏洞
CVE-2021-22495		Samsung mobile devices 缓冲区错误漏洞
CVE-2021-22494		Samsung Note20 安全漏洞
CVE-2020-27844		OpenJPEG 输入验证错误漏洞
CVE-2021-3022		LG mobile devices 安全漏洞
CVE-2020-27843		OpenJPEG 缓冲区错误漏洞
CVE-2020-27842		OpenJPEG 缓冲区错误漏洞

Showing top 20 of 31 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-3019

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-3019

I. Basic Information for CVE-2021-3019

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2021-3019

III. Intelligence Information for CVE-2021-3019

Same Patch Batch · n/a · 2021-01-05 · 31 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-3019

Leave a comment