CVE-2021-35485 in Impact
Summary
by MITRE • 03/03/2026
The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload server-side executable files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an existing one.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 03/04/2026
The vulnerability identified as CVE-2021-35485 affects the Nokia IMPACT applications component, specifically versions through 19.11.2.10-20210118042150283. This represents a critical server-side file upload vulnerability that enables authenticated attackers to execute arbitrary code on the affected system. The flaw exists within the /ui/rest-proxy/application fileupload parameter, which is accessible during both the creation and modification of applications within the platform. The vulnerability stems from insufficient input validation and sanitization mechanisms that fail to properly restrict file types and contents during the upload process, creating a pathway for malicious file execution.
This security weakness falls under CWE-434, which specifically addresses "Unrestricted Upload of File with Dangerous Type" and aligns with ATT&CK technique T1190, "Exploit Public-Facing Application." The vulnerability's impact is significant as it allows an authenticated user to bypass normal security controls and upload executable files directly to the server. Attackers can leverage this to deploy web shells, backdoors, or other malicious payloads that persist on the system and provide ongoing access. The authenticated nature of the vulnerability means that an attacker must first obtain valid credentials, but once achieved, the privilege escalation potential is substantial.
The operational consequences of this vulnerability extend beyond immediate code execution capabilities. The affected Nokia IMPACT platform serves as an application management system, making it a prime target for attackers seeking to compromise enterprise environments. Successful exploitation could lead to complete system compromise, data exfiltration, and lateral movement within the network. The vulnerability's presence in both new application creation and existing application editing workflows increases the attack surface and makes detection more challenging. Organizations using this platform face elevated risk of persistent threats, as the uploaded malicious files can remain undetected while maintaining access to the compromised infrastructure.
Mitigation strategies should prioritize immediate patching of the affected Nokia IMPACT versions to address the root cause of the vulnerability. Organizations should implement strict file type validation and content inspection mechanisms that prevent the upload of executable files or scripts. Network segmentation and monitoring solutions should be deployed to detect anomalous file upload activities and unusual network behavior associated with command execution. Additionally, privileged access controls should be enforced through multi-factor authentication and principle of least privilege models. The implementation of web application firewalls and intrusion detection systems can provide additional layers of protection against exploitation attempts. Regular security assessments and vulnerability scanning should be conducted to identify similar weaknesses in related systems and prevent future incidents.