{"vulnerability": "CVE-2021-2065", "sightings": [{"uuid": "5f17537b-408a-4bcf-b517-4e059bdd68e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20655", "type": "seen", "source": "MISP/63ddead6-4b82-414c-ad8e-c516b950b446", "content": "", "creation_timestamp": "2021-10-25T22:32:43.000000Z"}, {"uuid": "1ef25da2-8933-47fd-9a80-6281deaf48e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20658", "type": "seen", "source": "https://t.me/cibsecurity/24054", "content": "\u203c CVE-2021-20658 \u203c\n\nSolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-24T14:36:28.000000Z"}, {"uuid": "03275f78-d6ff-48fe-a840-b95786bdb964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20651", "type": "seen", "source": "https://t.me/cibsecurity/23527", "content": "\u203c CVE-2021-20651 \u203c\n\nDirectory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-12T12:43:33.000000Z"}, {"uuid": "fee97b2d-7e0e-4168-9988-dfb2bd30d66f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20659", "type": "seen", "source": "https://t.me/cibsecurity/24052", "content": "\u203c CVE-2021-20659 \u203c\n\nSolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to upload arbitrary files via unspecified vectors. If the file is PHP script, an attacker may execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-24T14:36:27.000000Z"}, {"uuid": "c5a1e520-61f8-4400-9d1b-f2c16d8f7c2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20655", "type": "seen", "source": "https://t.me/cibsecurity/23696", "content": "\u203c CVE-2021-20655 \u203c\n\nFileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-17T07:48:25.000000Z"}, {"uuid": "6b00552d-23c5-4e5c-a0c2-06f7c70e8b06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20653", "type": "seen", "source": "https://t.me/cibsecurity/23695", "content": "\u203c CVE-2021-20653 \u203c\n\nCalsos CSDJ (CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, CSDJ-D 01.08.00 and earlier, and CSDJ-A 03.08.00 and earlier) allows remote attackers to bypass access restriction and to obtain unauthorized historical data without access privileges via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-17T07:48:24.000000Z"}, {"uuid": "31ff5af1-ddac-4a58-a0ed-2993be64ca1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20650", "type": "seen", "source": "https://t.me/cibsecurity/23529", "content": "\u203c CVE-2021-20650 \u203c\n\nCross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RMWH2 allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector. As a result, the device settings may be altered and/or telnet daemon may be started.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-12T12:43:35.000000Z"}, {"uuid": "27c1382d-151f-4e54-9776-6e83cb109c29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20652", "type": "seen", "source": "https://t.me/cibsecurity/23158", "content": "\u203c CVE-2021-20652 \u203c\n\nCross-site request forgery (CSRF) vulnerability in Name Directory 1.17.4 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-05T16:35:28.000000Z"}, {"uuid": "c9947ee1-d0c0-46e0-94c3-10ce2e1a4f03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20657", "type": "seen", "source": "https://t.me/cibsecurity/24057", "content": "\u203c CVE-2021-20657 \u203c\n\nImproper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain and/or alter the setting information without the access privilege via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-24T14:36:34.000000Z"}, {"uuid": "e3f37c77-357e-43d2-a202-e952c82b254d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20656", "type": "seen", "source": "https://t.me/cibsecurity/24056", "content": "\u203c CVE-2021-20656 \u203c\n\nExposure of information through directory listing in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticated attacker to obtain the information inside the system, such as directories and/or file configurations via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-24T14:36:33.000000Z"}, {"uuid": "a50d4118-643b-4cf4-8c3e-40fff34165b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20655", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2759", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 15-21)\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-1647 - MS Defender RCE Vulnerability\nhttps://www.anquanke.com/post/id/231625\nCVE-2020-10759 - Dazed Blesbok\nhttps://t.me/cybersecuritytechnologies/1243\nCVE-2021-21976 - VMware Post-Auth RCE in vSphere Replication\nCVE-2021-3177 - Python 3 Buffer Overflow\nhttps://t.me/cybersecuritytechnologies/2740\nCVE-2020-8625 - A vulnerability in BIND's GSSAPI\nhttps://kb.isc.org/docs/cve-2020-8625\nCVE-2021-20655\nhttps://jvn.jp/en/jp/JVN58774946/index.html\nCVE-2021-1366 - A vulnerability in the interprocess communication channel of Cisco AnyConnect Secure Client\nhttps://www.coresecurity.com/core-labs/articles/analysis-cisco-anyconnect-posture-hostscan-local-privilege-escalation-cve-2021", "creation_timestamp": "2021-02-22T14:45:11.000000Z"}]}