CVE-2021-47756

Laravel Valet 2.0.3 - Local Privilege Escalation (macOS)

Description

Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet command to execute arbitrary code with root permissions without additional authentication.

INFO

Published Date :

2026-01-15T23:25:35.938Z

Last Modified :

2026-01-16T16:15:38.890Z

Source :

VulnCheck

AFFECTED PRODUCTS

The following products are affected by CVE-2021-47756 vulnerability.

Vendors	Products
Laravel	Valet

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2021-47756.

URL	Resource
https://laravel.com/docs/8.x/valet
https://www.exploit-db.com/exploits/50591
https://www.vulncheck.com/advisories/laravel-valet-local-privilege-escalation-macos

CVSS Vulnerability Scoring System

V4
V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact