https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 10 May 2026 07:04:37 +0000 https://vulnerability.circl.lu/sighting/9db3bc11-a33f-4e65-8c28-6b64b16793e5/export {"uuid": "9db3bc11-a33f-4e65-8c28-6b64b16793e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37748", "type": "seen", "source": "https://t.me/cibsecurity/31366", "content": "\u203c CVE-2021-37748 \u203c\n\nMultiple buffer overflows in the limited configuration shell (/sbin/gs_config) on Grandstream HT801 devices before 1.0.29 allow remote authenticated users to execute arbitrary code as root via a crafted manage_if setting, thus bypassing the intended restrictions of this shell and taking full control of the device. There are default weak credentials that can be used to authenticate.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-28T16:23:14.000000Z"} {"uuid": "9db3bc11-a33f-4e65-8c28-6b64b16793e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37748", "type": "seen", "source": "https://t.me/cibsecurity/31366", "content": "\u203c CVE-2021-37748 \u203c\n\nMultiple buffer overflows in the limited configuration shell (/sbin/gs_config) on Grandstream HT801 devices before 1.0.29 allow remote authenticated users to execute arbitrary code as root via a crafted manage_if setting, thus bypassing the intended restrictions of this shell and taking full control of the device. There are default weak credentials that can be used to authenticate.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-28T16:23:14.000000Z"} https://vulnerability.circl.lu/sighting/9db3bc11-a33f-4e65-8c28-6b64b16793e5/export Thu, 28 Oct 2021 16:23:14 +0000 https://vulnerability.circl.lu/sighting/962cba51-ce79-4ea5-8b2b-7ac6cc1b6eba/export {"uuid": "962cba51-ce79-4ea5-8b2b-7ac6cc1b6eba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37748", "type": "published-proof-of-concept", "source": "Telegram/sOfZ8THCb3p8hX66T35TvVl2N3UfkRp46p4RZ9gZSAbn6g", "content": "", "creation_timestamp": "2021-10-29T18:51:58.000000Z"} {"uuid": "962cba51-ce79-4ea5-8b2b-7ac6cc1b6eba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37748", "type": "published-proof-of-concept", "source": "Telegram/sOfZ8THCb3p8hX66T35TvVl2N3UfkRp46p4RZ9gZSAbn6g", "content": "", "creation_timestamp": "2021-10-29T18:51:58.000000Z"} https://vulnerability.circl.lu/sighting/962cba51-ce79-4ea5-8b2b-7ac6cc1b6eba/export Fri, 29 Oct 2021 18:51:58 +0000 https://vulnerability.circl.lu/sighting/ceb997cf-628b-46f1-9f67-bb00bfe1f28e/export {"uuid": "ceb997cf-628b-46f1-9f67-bb00bfe1f28e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37748", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4614", "content": "#exploit\n1. Exploiting Grandstream HT801 ATA\n(CVE-2021-37748, CVE-2021-37915)\nhttps://www.secforce.com/blog/exploiting-grandstream-ht801-ata-cve-2021-37748-cve-2021-37915\n]-> PoC: https://github.com/SECFORCE/CVE-2021-37748\n\n2. Finding An Unauthenticated RCE in MovableType (CVE-2021-20837)\nhttps://nemesis.sh/posts/movable-type-0day\n]-> PoC: https://github.com/ghost-nemesis/cve-2021-20837-poc", "creation_timestamp": "2024-08-05T18:55:24.000000Z"} {"uuid": "ceb997cf-628b-46f1-9f67-bb00bfe1f28e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37748", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4614", "content": "#exploit\n1. Exploiting Grandstream HT801 ATA\n(CVE-2021-37748, CVE-2021-37915)\nhttps://www.secforce.com/blog/exploiting-grandstream-ht801-ata-cve-2021-37748-cve-2021-37915\n]-> PoC: https://github.com/SECFORCE/CVE-2021-37748\n\n2. Finding An Unauthenticated RCE in MovableType (CVE-2021-20837)\nhttps://nemesis.sh/posts/movable-type-0day\n]-> PoC: https://github.com/ghost-nemesis/cve-2021-20837-poc", "creation_timestamp": "2024-08-05T18:55:24.000000Z"} https://vulnerability.circl.lu/sighting/ceb997cf-628b-46f1-9f67-bb00bfe1f28e/export Mon, 05 Aug 2024 18:55:24 +0000