Share
## https://sploitus.com/exploit?id=744FC211-CAE1-50E4-A6CD-C1165C5F529E
# CVE-2021-3007 Vulnerable Test Environment

[![Docker](https://img.shields.io/badge/Docker-Required-blue?logo=docker)](https://www.docker.com/)
[![CVE](https://img.shields.io/badge/CVE-2021--3007-red)](https://nvd.nist.gov/vuln/detail/CVE-2021-3007)
[![CVSS](https://img.shields.io/badge/CVSS-9.8%20Critical-critical)](https://nvd.nist.gov/vuln/detail/CVE-2021-3007)

Intentionally vulnerable test environment for validating CVE-2021-3007 detection in security scanners.

## Vulnerability Overview

| Attribute | Value |
|-----------|-------|
| **CVE ID** | CVE-2021-3007 |
| **Severity** | Critical (CVSS 9.8) |
| **Type** | Insecure Deserialization โ†’ RCE |
| **Affected** | Laminas HTTP  **WARNING**: This environment is intentionally vulnerable for security testing purposes only.

**DO NOT:**
- Expose to public networks
- Deploy in production environments
- Leave running unattended
- Use for malicious purposes

**DO:**
- Use in isolated test environments
- Stop containers when not in use
- Use for legitimate security research only

## References

- [NVD - CVE-2021-3007](https://nvd.nist.gov/vuln/detail/CVE-2021-3007)
- [GitHub Advisory - GHSA-xx8f-qf9f-5fgw](https://github.com/advisories/GHSA-xx8f-qf9f-5fgw)
- [Laminas Security Release](https://github.com/laminas/laminas-http/releases/tag/2.14.2)
- [CheckPoint Research - FreakOut](https://research.checkpoint.com/2021/freakout-leveraging-newest-vulnerabilities-for-creating-a-botnet/)
- [Ambionics Research](https://www.ambionics.io/blog/zend-framework-deserialization)

## License

MIT License - For security research and educational purposes only.

---

**Created for nuclei template validation** | [projectdiscovery/nuclei-templates](https://github.com/projectdiscovery/nuclei-templates)