Exploit for CVE-2021-28164

  1. Home
  2. Uncategorized
  3. Exploit for CVE-2021-28164

Exploit for CVE-2021-28164

In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. For example a request to /context/%2e/WEB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.

Published: 2021-04-01

CVSS: 5.3

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Download Exploit for CVE-2021-28164 here:

Use Tor Browser to access .onion links.

Check our team here:

https://wednesfieldacademy.com/exploit-20-cve-2025-53783/

https://wednesfieldacademy.com/exploit-232-cve-2018-7841/

https://wednesfieldacademy.com/exploit-209-cve-2022-0001/

https://wednesfieldacademy.com/exploit-419-cve-2005-3299/

https://wednesfieldacademy.com/exploit-734-cve-2022-45047/

Latest News

Follow us on Social Media

Popular Pages

Contact Info

Wednesfield Academy
Lichfield Road
Wednesfield, Wolverhampton
West Midlands
WV11 3ES

T: 01902 558 222

postbox@wednesfieldacademy.co.uk

Monday - Thursday: 8:00 am - 4:00 pm
Friday: 8:00 am - 3:30 pm

Copyright 2026 © All Rights Reserved

 Privacy Notice

CEOP-1

Loading