← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-3129 — Actively Exploited: Ignition (Laravel)

Laravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents().

CVE IDCVE-2021-3129
VendorLaravel
ProductIgnition
Vulnerability nameLaravel Ignition File Upload Vulnerability
Date added2023-09-18
Remediation due2023-10-09
Known ransomware useKnown
Required actionApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
DescriptionLaravel Ignition contains a file upload vulnerability that allows unauthenticated remote attackers to execute malicious code due to insecure usage of file_get_contents() and file_put_contents().
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →