{"id":"CVE-2021-26758","details":"Privilege Escalation in LiteSpeed Technologies OpenLiteSpeed web server version 1.7.8 allows attackers to gain root terminal access and execute commands on the host system.","modified":"2026-04-10T04:31:21.237201Z","published":"2021-04-07T21:15:16.090Z","references":[{"type":"EVIDENCE","url":"https://docs.unsafe-inline.com/0day/openlitespeed-web-server-1.7.8-command-injection-to-privilege-escalation-cve-2021-26758"},{"type":"EVIDENCE","url":"https://github.com/litespeedtech/openlitespeed/issues/217"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/49556"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/litespeedtech/openlitespeed","events":[{"introduced":"0"},{"last_affected":"f7f66a3c2bdbdd6b57ef8582e64c1921f5a9ee7c"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.7.8"}]}}],"versions":["v1.0.4","v1.3","v1.3.2","v1.4.0","v1.4.1","v1.4.2","v1.5.0","v1.5.0rc6","v1.5.2","v1.6.3","v1.7.0","v1.7.1","v1.7.2","v1.7.3","v1.7.4","v1.7.5","v1.7.6","v1.7.7","v1.7.8"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-26758.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}