{"vulnerability": "CVE-2021-2061", "sightings": [{"uuid": "9d49d22b-7cf4-4317-b5e4-e407d5ad61a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20617", "type": "published-proof-of-concept", "source": "Telegram/o9jdQwy18DMsF99wo6Zn2RTKWm1b295QBP4XE2j0Ry8AZi0", "content": "", "creation_timestamp": "2023-02-19T21:50:11.000000Z"}, {"uuid": "12938d80-4aee-48f4-b66b-940244f366b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20617", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-20)", "content": "", "creation_timestamp": "2026-03-20T00:00:00.000000Z"}, {"uuid": "1422eb2f-e7ac-49ec-9d61-a3e897f35739", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20617", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3maelnhxkkc2t", "content": "", "creation_timestamp": "2025-12-19T21:03:08.964044Z"}, {"uuid": "76d1a7b7-42d8-4c72-9337-4849b99d5f12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20619", "type": "published-proof-of-concept", "source": "Telegram/o9jdQwy18DMsF99wo6Zn2RTKWm1b295QBP4XE2j0Ry8AZi0", "content": "", "creation_timestamp": "2023-02-19T21:50:11.000000Z"}, {"uuid": "37dbbec6-21fb-4fd3-86a5-6234241308d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20617", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7778", "content": "#tools\n#Blue_Team_Techniques\n1. A repository to share publicly available Velociraptor detection content\nhttps://github.com/mgreen27/DetectRaptor\n2. Dissecting the Vulnerabilities (CVE-2021-20617, CVE-2021-20619) - A Comprehensive Teardown of acmailer's N-Days\nhttps://starlabs.sg/blog/2023/02-dissecting-the-vulnerabilities-a-comprehensive-teardown-of-acmailer", "creation_timestamp": "2023-10-29T19:15:00.000000Z"}, {"uuid": "ad391683-dad1-4f0e-a8f4-2e843a2f2dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20611", "type": "seen", "source": "https://t.me/arpsyndicate/80", "content": "#ExploitObserverAlert\n\nCVE-2021-20611\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-20611. Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU Firmware versions \"24\" and prior, Mitsubishi Electric MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions \"57\" and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions \"28\" and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120PCPU Firmware versions \"29\" and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions \"08\" and prior, Mitsubishi Electric MELSEC iQ-R Series R16/32/64MTCPU Operating system software version \"23\" and prior, Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V Firmware versions \"16\" and prior, Mitsubishi Electric MELSEC Q Series Q03UDECPU The first 5 digits of serial No. \"23121\" and prior, Mitsubishi Electric MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU The first 5 digits of serial No. \"23121\" and prior, Mitsubishi Electric MELSEC Q Series Q03/04/06/13/26UDVCPU The first 5 digits of serial No. \"23071\" and prior, Mitsubishi Electric MELSEC Q Series Q04/06/13/26UDPVCPU The first 5 digits of serial No. \"23071\" and prior, Mitsubishi Electric MELSEC Q Series Q12DCCPU-V The first 5 digits of serial No. \"24031\" and prior, Mitsubishi Electric MELSEC Q Series Q24DHCCPU-V(G) The first 5 digits of serial No. \"24031\" and prior, Mitsubishi Electric MELSEC Q Series Q24/26DHCCPU-LS The first 5 digits of serial No. \"24031\" and prior, Mitsubishi Electric MELSEC Q Series MR-MQ100 Operating system software version \"F\" and prior, Mitsubishi Electric MELSEC Q Series Q172/173DCPU-S1 Operating system software version \"W\" and prior, Mitsubishi Electric MELSEC Q Series Q172/173DSCPU All versions, Mitsubishi Electric MELSEC Q Series Q170MCPU Operating system software version \"W\" and prior, Mitsubishi Electric MELSEC Q Series Q170MSCPU(-S1) All versions, Mitsubishi Electric MELSEC L Series L02/06/26CPU(-P) The first 5 digits of serial No. \"23121\" and prior, Mitsubishi Electric MELSEC L Series L26CPU-(P)BT The first 5 digits of serial No. \"23121\" and prior and Mitsubishi Electric MELIPC Series MI5122-VW Firmware versions \"05\" and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.\n\nFIRST-EPSS: 0.002100000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-11T04:31:22.000000Z"}, {"uuid": "f0db356a-1963-4a64-9cd8-d61a3f0fa908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20610", "type": "seen", "source": "https://t.me/arpsyndicate/75", "content": "#ExploitObserverAlert\n\nCVE-2021-20610\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-20610. Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU Firmware versions \"24\" and prior, Mitsubishi Electric MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions \"57\" and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions \"28\" and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120PCPU Firmware versions \"29\" and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120PSFCPU Firmware versions \"08\" and prior, Mitsubishi Electric MELSEC iQ-R Series R16/32/64MTCPU Operating system software version \"23\" and prior, Mitsubishi Electric MELSEC iQ-R Series R12CCPU-V Firmware versions \"16\" and prior, Mitsubishi Electric MELSEC Q Series Q03UDECPU The first 5 digits of serial No. \"23121\" and prior, Mitsubishi Electric MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU The first 5 digits of serial No. \"23121\" and prior, Mitsubishi Electric MELSEC Q Series Q03/04/06/13/26UDVCPU The first 5 digits of serial No. \"23071\" and prior, Mitsubishi Electric MELSEC Q Series Q04/06/13/26UDPVCPU The first 5 digits of serial No. \"23071\" and prior, Mitsubishi Electric MELSEC Q Series Q12DCCPU-V The first 5 digits of serial No. \"24031\" and prior, Mitsubishi Electric MELSEC Q Series Q24DHCCPU-V(G) The first 5 digits of serial No. \"24031\" and prior, Mitsubishi Electric MELSEC Q Series Q24/26DHCCPU-LS The first 5 digits of serial No. \"24031\" and prior, Mitsubishi Electric MELSEC Q Series MR-MQ100 Operating system software version \"F\" and prior, Mitsubishi Electric MELSEC Q Series Q172/173DCPU-S1 Operating system software version \"W\" and prior, Mitsubishi Electric MELSEC Q Series Q172/173DSCPU All versions, Mitsubishi Electric MELSEC Q Series Q170MCPU Operating system software version \"W\" and prior, Mitsubishi Electric MELSEC Q Series Q170MSCPU(-S1) All versions, Mitsubishi Electric MELSEC L Series L02/06/26CPU(-P) The first 5 digits of serial No. \"23121\" and prior, Mitsubishi Electric MELSEC L Series L26CPU-(P)BT The first 5 digits of serial No. \"23121\" and prior and Mitsubishi Electric MELIPC Series MI5122-VW Firmware versions \"05\" and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.\n\nFIRST-EPSS: 0.002200000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-11T04:09:39.000000Z"}, {"uuid": "aac475f0-9bd3-4fa0-8464-14183593dfe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20610", "type": "seen", "source": "https://t.me/cibsecurity/33211", "content": "\u203c CVE-2021-20610 \u203c\n\nImproper Handling of Length Parameter Inconsistency vulnerability in MELSEC iQ-R Series R00/01/02CPU Firmware versions \"24\" and prior, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions \"57\" and prior, MELSEC iQ-R Series R08/16/32/120SFCPU All versions, MELSEC iQ-R Series R08/16/32/120PCPU Firmware versions \"29\" and prior, MELSEC iQ-R Series R08/16/32/120PSFCPU All versions, MELSEC iQ-R Series R16/32/64MTCPU All versions, MELSEC iQ-R Series R12CCPU-V All versions, MELSEC Q Series Q03UDECPU All versions, MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU All versions, MELSEC Q Series Q03/04/06/13/26UDVCPU The first 5 digits of serial No. \"23071\" and prior, MELSEC Q Series Q04/06/13/26UDPVCPU The first 5 digits of serial No. \"23071\" and prior, MELSEC Q Series Q12DCCPU-V All versions, MELSEC Q Series Q24DHCCPU-V(G) All versions, MELSEC Q Series Q24/26DHCCPU-LS All versions, MELSEC Q Series MR-MQ100 All versions, MELSEC Q Series Q172/173DCPU-S1 All versions, MELSEC Q Series Q172/172DSCPU All versions, MELSEC Q Series Q170MCPU All versions, MELSEC Q Series Q170MSCPU(-S1) All versions, MELSEC L Series L02/06/26CPU(-P) All versions, MELSEC L Series L26CPU-(P)BT All versions and MELIPC Series MI5122-VW All versions allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-01T18:40:08.000000Z"}, {"uuid": "2237a205-081e-4c66-8964-9356b376d6af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20611", "type": "seen", "source": "https://t.me/cibsecurity/33209", "content": "\u203c CVE-2021-20611 \u203c\n\nImproper Input Validation vulnerability in MELSEC iQ-R Series R00/01/02CPU Firmware versions \"24\" and prior, MELSEC iQ-R Series R04/08/16/32/120(EN)CPU Firmware versions \"57\" and prior, MELSEC iQ-R Series R08/16/32/120SFCPU All versions, MELSEC iQ-R Series R08/16/32/120PCPU Firmware versions \"29\" and prior, MELSEC iQ-R Series R08/16/32/120PSFCPU All versions, MELSEC iQ-R Series R16/32/64MTCPU All versions, MELSEC iQ-R Series R12CCPU-V All versions, MELSEC Q Series Q03UDECPU All versions, MELSEC Q Series Q04/06/10/13/20/26/50/100UDEHCPU All versions, MELSEC Q Series Q03/04/06/13/26UDVCPU The first 5 digits of serial No. \"23071\" and prior, MELSEC Q Series Q04/06/13/26UDPVCPU The first 5 digits of serial No. \"23071\" and prior, MELSEC Q Series Q12DCCPU-V All versions, MELSEC Q Series Q24DHCCPU-V(G) All versions, MELSEC Q Series Q24/26DHCCPU-LS All versions, MELSEC Q Series MR-MQ100 All versions, MELSEC Q Series Q172/173DCPU-S1 All versions, MELSEC Q Series Q172/172DSCPU All versions, MELSEC Q Series Q170MCPU All versions, MELSEC Q Series Q170MSCPU(-S1) All versions, MELSEC L Series L02/06/26CPU(-P) All versions, MELSEC L Series L26CPU-(P)BT All versions and MELIPC Series MI5122-VW All versions allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition by sending specially crafted packets. System reset is required for recovery.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-01T18:40:06.000000Z"}, {"uuid": "4fc299c2-160c-4075-9d8b-2e72cdb0ca49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20619", "type": "seen", "source": "https://t.me/cibsecurity/22251", "content": "\u203c CVE-2021-20619 \u203c\n\nCross-site scripting vulnerability in GROWI (v4.2 Series) versions prior to v4.2.3 allows remote attackers to inject an arbitrary script via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-19T07:55:32.000000Z"}, {"uuid": "c1a71fbd-f270-4e03-9914-4ca358074024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20618", "type": "seen", "source": "https://t.me/cibsecurity/22151", "content": "\u203c CVE-2021-20618 \u203c\n\nPrivilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, and acmailer DB ver. 1.1.4 and earlier allows remote attackers to bypass authentication and to gain an administrative privilege which may result in obtaining the sensitive information on the server via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-14T16:49:34.000000Z"}, {"uuid": "9f227ea8-aaf8-4ced-a5be-cc49f81ab1d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20612", "type": "seen", "source": "https://t.me/cibsecurity/35617", "content": "\u203c CVE-2021-20612 \u203c\n\nLack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware version 1.14 and prior, FX3U-ENET-L Firmware version 1.14 and prior and FX3U-ENET-P502 Firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition in communication function of the product or other unspecified effects by sending specially crafted packets to an unnecessary opening of TCP port. Control by MELSEC-F series PLC is not affected by this vulnerability, but system reset is required for recovery.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-14T22:25:37.000000Z"}, {"uuid": "c945b226-e201-47b0-81b7-bfbc9ef63458", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20617", "type": "seen", "source": "https://t.me/cibsecurity/22152", "content": "\u203c CVE-2021-20617 \u203c\n\nImproper access control vulnerability in acmailer ver. 4.0.1 and earlier, and acmailer DB ver. 1.1.3 and earlier allows remote attackers to execute an arbitrary OS command, or gain an administrative privilege which may result in obtaining the sensitive information on the server via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-14T16:49:36.000000Z"}, {"uuid": "55b2791c-92d6-4bbe-b03d-ffb571ff79ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20619", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7778", "content": "#tools\n#Blue_Team_Techniques\n1. A repository to share publicly available Velociraptor detection content\nhttps://github.com/mgreen27/DetectRaptor\n2. Dissecting the Vulnerabilities (CVE-2021-20617, CVE-2021-20619) - A Comprehensive Teardown of acmailer's N-Days\nhttps://starlabs.sg/blog/2023/02-dissecting-the-vulnerabilities-a-comprehensive-teardown-of-acmailer", "creation_timestamp": "2023-10-29T19:15:00.000000Z"}]}