{"uuid": "dba2965b-cedb-483a-beb6-a00dddc13f1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-25281", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2803", "content": "#exploit\n1. CVE-2021-27403:\nAskey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS\nhttps://github.com/bokanrb/CVE-2021-27403\n\n2. CVE-2021-27404:\nAskey RTF8115VW Internet Fiber Modem - Authenticated Host Header Injection\nhttps://github.com/bokanrb/CVE-2021-27404 \n\n]-> Chaining CVE-2021-25281 and CVE-2021-25282 to exploit a SaltStack:\nhttps://github.com/Immersive-Labs-Sec/CVE-2021-25281", "creation_timestamp": "2024-06-24T21:17:07.000000Z"}