Platform
other
Component
mini-mouse
Fixed in
9.2.1
CVE-2021-47850 describes a path traversal vulnerability discovered in Mini Mouse versions 9.2.0 through 9.2.0. This flaw allows remote attackers to bypass access controls and retrieve sensitive system files and directory listings. Successful exploitation could lead to information disclosure and potential compromise of the affected system. A fix is expected to be released by the vendor.
The path traversal vulnerability in Mini Mouse allows attackers to manipulate file and path parameters within HTTP requests to access files and directories outside of the intended scope. An attacker could, for example, request ../../../../win.ini to retrieve the Windows configuration file, or ../../../../C:/Users/Public/ to list the contents of the Public directory. This could expose sensitive configuration data, user information, or other critical system files. The blast radius extends to any system running the vulnerable version of Mini Mouse that is accessible via HTTP. While no direct precedent is immediately obvious, path traversal vulnerabilities are frequently exploited to gain unauthorized access to sensitive data.
CVE-2021-47850 was published on 2026-01-21. The EPSS score is currently unavailable, but the HIGH CVSS score indicates a significant risk. No public proof-of-concept exploits are currently known, but the vulnerability's ease of exploitation makes it a potential target for opportunistic attackers. Monitor security advisories from the Mini Mouse vendor for updates.
Exploit Status
EPSS
0.30% (53% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2021-47850 is to upgrade to a patched version of Mini Mouse as soon as it becomes available. In the interim, implement restrictive Web Application Firewall (WAF) rules to prevent requests containing path traversal sequences (e.g., ../, ..\). Carefully review and restrict file access permissions within the Mini Mouse application to limit the potential impact of a successful attack. Consider implementing input validation and sanitization to prevent malicious path manipulation. After upgrading, confirm the vulnerability is resolved by attempting a path traversal request and verifying that access is denied.
Update to a patched version or uninstall the Mini Mouse application. The vulnerability allows access to sensitive system files, so it is crucial to take immediate action.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2021-47850 is a vulnerability in Mini Mouse versions 9.2.0-9.2.0 that allows attackers to access files outside of the intended directory using crafted HTTP requests.
If you are running Mini Mouse version 9.2.0, you are potentially affected by this vulnerability. Check with the vendor for a patch.
The recommended fix is to upgrade to a patched version of Mini Mouse as soon as it becomes available. In the meantime, use a WAF to restrict access.
No active exploitation has been confirmed at this time, but the vulnerability's ease of exploitation makes it a potential target.
Refer to the Mini Mouse vendor's website or security advisories for the official advisory regarding CVE-2021-47850.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.