CVE-2021-25631

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.

Published: May 3, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-25631
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
libreoffice / libreoffice	7.1.0	7.1.2
libreoffice / libreoffice	7.0.0	7.0.5

https://positive.security/blog/url-open-rce#open-libreoffice
https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/

Vulnerability Database

289,697

CVE-2021-25631