Cyber Resilience

CVE-2021-35485

High

Published: 03 March 2026

Modified: 05 March 2026
KEV Added
Patch
CVSS Score v3.1: 8.0 (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0006 (19.8th percentile)
Risk Priority: 16 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2021-35485 is a high-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in Nokia Impact. Its CVSS base score is 8.0 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Web Shell (T1505.003). The CVE ranks at the 19.8th percentile for exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2021-35485 is a vulnerability in the Applications component of Nokia IMPACT versions through 19.11.2.10-20210118042150283. It enables an authenticated user to arbitrarily upload server-side executable files via the /ui/rest-proxy/application fileupload parameter. This upload can occur during the addition of a new application or the editing of an existing one, corresponding to CWE-434 (Unrestricted Upload of File with Dangerous Type).

The vulnerability has a CVSS v3.1 base score of 8.0 (AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating exploitation requires adjacent network access, low attack complexity, low privileges, and no user interaction. An authenticated attacker can leverage this to upload and potentially execute arbitrary server-side files, resulting in high impacts to confidentiality, integrity, and availability, such as full server compromise.

Advisories and mitigation guidance are detailed in the Gruppo TIM Red Team report at https://www.gruppotim.it/it/footer/red-team/2021/Motive-Impact-CVE-2021-35485.html, the Nokia IMPACT IoT platform page at https://www.nokia.com/networks/solutions/impact-iot-platform/, and Nokia's responsible disclosure notice at https://www.nokia.com/notices/responsible-disclosure/. The CVE was published on 2026-03-03T18:16:20.910.

EU & UK References

Vulnerability details

The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload server-side executable files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an existing one.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1505.003 Web Shell (tactic: Persistence)
Adversaries may backdoor web servers with web shells to establish persistent access to systems.
Why these techniques?

Unrestricted file upload of server-side executables (CWE-434) directly enables web shell deployment on the target application server.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2021-35484 · Same product: Nokia Impact
CVE-2026-22241 · Shared CWE-434
CVE-2025-23942 · Shared CWE-434
CVE-2026-4808 · Shared CWE-434
CVE-2024-56264 · Shared CWE-434
CVE-2024-56249 · Shared CWE-434
CVE-2024-55417 · Shared CWE-434
CVE-2025-46384 · Shared CWE-434
CVE-2025-13516 · Shared CWE-434
CVE-2024-13011 · Shared CWE-434

Affected Assets

nokia impact ≤ 19.11.2.10-20210118042150283

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent: Directly remediates the specific flaw in Nokia IMPACT's Applications component that allows unrestricted upload of server-side executable files.

prevent: Enforces validation of files uploaded via the /ui/rest-proxy/application fileupload parameter to block dangerous executable types.

prevent, detect: Deploys malicious code protection to scan uploaded server-side executables and block them from executing.

References