CVE-2021-47757
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-15

Last updated on: 2026-01-15

Assigner: VulnCheck

Description
Chikitsa Patient Management System 2.0.2 contains an authenticated remote code execution vulnerability in the backup restoration functionality. Authenticated attackers can upload a modified backup zip file with a malicious PHP shell to execute arbitrary system commands on the server.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-15
Last Modified
2026-01-15
Generated
2026-06-16
AI Q&A
2026-01-16
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47757
EUVD
EUVD-2026-2778
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
sanskruti_technologies chikitsa 2.0.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2021-47757 is an authenticated remote code execution vulnerability in Chikitsa Patient Management System version 2.0.2. An attacker with valid credentials can download a backup ZIP file of the system, modify it by injecting a malicious PHP web shell into the backup, and then re-upload the modified backup. Once restored, this backdoor allows the attacker to execute arbitrary system commands on the server remotely. [1]

Impact Analysis

This vulnerability allows an authenticated attacker to execute arbitrary system commands on the server hosting the Chikitsa Patient Management System. This can lead to full compromise of the server, unauthorized access to sensitive patient data, disruption of healthcare services, and potential further attacks on the network or connected systems. [1]

Detection Guidance

This vulnerability can be detected by checking for the presence of the malicious PHP shell file named 'rce.php' in the '/uploads/restore_backup/uploads/media/' directory on the server. You can also monitor HTTP requests to the endpoints '/index.php/login/valid_signin', '/index.php/settings/take_backup/', and '/index.php/settings/restore_backup' for suspicious activity involving backup download and restoration. Additionally, you can try accessing the backdoor by sending a command via the 'cmd' parameter to '/uploads/restore_backup/uploads/media/rce.php'. For example, you can use curl commands to test for the backdoor: 1. Check if the backdoor exists: curl -I http://<server>/uploads/restore_backup/uploads/media/rce.php 2. Execute a simple command: curl "http://<server>/uploads/restore_backup/uploads/media/rce.php?cmd=whoami" Replace <server> with your server's address. These steps require authenticated access to the system to fully verify the vulnerability. [1]

Mitigation Strategies

Immediate mitigation steps include restricting and monitoring authenticated access to the Chikitsa Patient Management System, especially to the backup and restore functionalities. Disable or restrict the ability to upload and restore backups until a patch or fix is applied. Inspect the server for any uploaded 'rce.php' or similar suspicious files in the '/uploads/restore_backup/uploads/media/' directory and remove them. Implement strict access controls and logging to detect unauthorized backup restoration attempts. Consider applying any available updates or patches from the vendor or community to fix this vulnerability. If no patch is available, consider isolating the affected system from the network to prevent exploitation. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47757. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart