{"vulnerability": "CVE-2021-21315", "sightings": [{"uuid": "3966c752-07e3-4beb-8453-37efd2479d1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "7e7e44dc-92c3-44fe-b832-1553e17bd51b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971216", "content": "", "creation_timestamp": "2024-12-24T20:26:00.876700Z"}, {"uuid": "1ed053f0-16f5-45be-b40d-6e97b74028ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "4709c292-3567-40b0-ba6c-29f9a3fa6b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-29)", "content": "", "creation_timestamp": "2025-03-29T00:00:00.000000Z"}, {"uuid": "06e4b574-462b-4a32-b1d2-e8fe8f1a26a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-31)", "content": "", "creation_timestamp": "2025-01-31T00:00:00.000000Z"}, {"uuid": "38a53d3c-de57-4f75-a448-26201f749bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2024-11-24)", "content": "", "creation_timestamp": "2024-11-24T00:00:00.000000Z"}, {"uuid": "976b6db7-9b3d-43f9-bae4-2798a2ce6cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-30)", "content": "", "creation_timestamp": "2025-03-30T00:00:00.000000Z"}, {"uuid": "cdd825eb-ebdd-433f-9cd5-8a8ddf549751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "55c4fefc-c327-4e34-8583-27b4ff4b16d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "50db2197-ef31-436c-afcb-3f1eeaee0e37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-08)", "content": "", "creation_timestamp": "2025-02-08T00:00:00.000000Z"}, {"uuid": "83053949-c647-4569-943e-35da7e62f9c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-01)", "content": "", "creation_timestamp": "2025-03-01T00:00:00.000000Z"}, {"uuid": "9c837f01-a67e-4b66-81ac-b75780b1c1af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-10)", "content": "", "creation_timestamp": "2025-02-10T00:00:00.000000Z"}, {"uuid": "68c61ea4-eaf7-486e-8cc5-218e0de61539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-22)", "content": "", "creation_timestamp": "2025-02-22T00:00:00.000000Z"}, {"uuid": "70dcd23d-7ab1-4d0a-a935-4e310f32a925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:28.000000Z"}, {"uuid": "5c51cb63-1df8-4689-b6d3-1259dafc36ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-02)", "content": "", "creation_timestamp": "2025-03-02T00:00:00.000000Z"}, {"uuid": "017191a0-457c-4efc-8d42-da06fe6d4859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-16)", "content": "", "creation_timestamp": "2025-04-16T00:00:00.000000Z"}, {"uuid": "92c80a1d-e6ac-4bfc-bfde-4fd5710899ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-01)", "content": "", "creation_timestamp": "2025-06-01T00:00:00.000000Z"}, {"uuid": "bcf14ae3-2e62-4418-a770-d2046ece018d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-26)", "content": "", "creation_timestamp": "2025-04-26T00:00:00.000000Z"}, {"uuid": "b3260124-1b60-44e8-8896-caff9ecc9888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-26)", "content": "", "creation_timestamp": "2025-04-26T00:00:00.000000Z"}, {"uuid": "bf7d0da9-697f-4202-b987-8c01ce11104d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-28)", "content": "", "creation_timestamp": "2025-04-28T00:00:00.000000Z"}, {"uuid": "dbed4ffb-0d36-4990-865f-056b23eac6c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-28)", "content": "", "creation_timestamp": "2025-04-28T00:00:00.000000Z"}, {"uuid": "48953431-654b-46ba-ada9-3830e9ffe810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-01)", "content": "", "creation_timestamp": "2025-05-01T00:00:00.000000Z"}, {"uuid": "15ce9ffd-405d-437f-b992-483ebf89f1da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-31)", "content": "", "creation_timestamp": "2025-05-31T00:00:00.000000Z"}, {"uuid": "741ac9ec-1fdf-4b6a-8752-594cb46b4ceb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-04)", "content": "", "creation_timestamp": "2025-05-04T00:00:00.000000Z"}, {"uuid": "e4fcca8d-1582-42fe-995e-7c560ad0f2b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "published-proof-of-concept", "source": "https://t.me/BleepingComputer/9188", "content": "Heavily used Node.js package has a code injection vulnerability\n\nThe heavily downloaded Node.js library \"systeminformation\" has a severe command injection vulnerability tracked as CVE-2021-21315. [...]\n\nhttps://www.bleepingcomputer.com/news/security/heavily-used-nodejs-package-has-a-code-injection-vulnerability/", "creation_timestamp": "2021-02-24T12:16:02.000000Z"}, {"uuid": "ff71563f-3240-4e34-adb3-d1dbc4bb3b83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-10)", "content": "", "creation_timestamp": "2025-05-10T00:00:00.000000Z"}, {"uuid": "697c01cd-0800-4363-9910-64788a703fd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-01)", "content": "", "creation_timestamp": "2025-10-01T00:00:00.000000Z"}, {"uuid": "0bc6190a-f06b-4f82-8908-dfb7159c0a6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-10)", "content": "", "creation_timestamp": "2025-08-10T00:00:00.000000Z"}, {"uuid": "a84c2d36-4a6d-4d3a-a4df-b2fdf7ce35c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-01)", "content": "", "creation_timestamp": "2025-11-01T00:00:00.000000Z"}, {"uuid": "1dc70df0-a69f-48a8-a31d-de36b17c4ee9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-03)", "content": "", "creation_timestamp": "2025-10-03T00:00:00.000000Z"}, {"uuid": "895183b7-7308-4ed4-a493-73ccf767166c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-21315", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d886e834-9fec-40a3-91b2-e657d4401e46", "content": "", "creation_timestamp": "2026-02-02T12:28:27.827610Z"}, {"uuid": "0aee91a1-ce2b-461f-b306-45045f5a6961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "published-proof-of-concept", "source": "https://t.me/antichat/9338", "content": "https://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC\nCVE-2021-21315 : Node.JS OS sanitize service Parameters Command Injection", "creation_timestamp": "2021-03-04T15:23:07.000000Z"}, {"uuid": "9dc9f4a5-f6dc-42e6-8091-cda53ea93bfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/2035", "content": "", "creation_timestamp": "2024-09-21T16:06:46.000000Z"}, {"uuid": "c4894d62-2b5b-40b0-88f7-a682c5ec12bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "published-proof-of-concept", "source": "Telegram/2aMB5DIryDfHfZZd2IEqPsG9LzlqX36xwhCJWWzaxntk8g", "content": "", "creation_timestamp": "2024-09-21T16:06:59.000000Z"}, {"uuid": "436de092-acdd-43ef-961c-def8d723efd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "https://t.me/arpsyndicate/957", "content": "#ExploitObserverAlert\n\nCVE-2021-21315\n\nDESCRIPTION: Exploit Observer has 41 entries related to CVE-2021-21315. The System Information Library for Node.JS (npm package \"systeminformation\") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected.\n\nFIRST-EPSS: 0.968640000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-03T14:44:09.000000Z"}, {"uuid": "32dd29a2-4938-42f1-87a4-cd405fc28e0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/18818", "content": "", "creation_timestamp": "2024-09-21T16:06:46.000000Z"}, {"uuid": "35ee6981-28a1-4a52-ae9b-28cbb7698797", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "Telegram/F_4q9agtP1PzG_4Wo2KO1s56TWXkkWbFJRAPZAFRtdS_Dhgg", "content": "", "creation_timestamp": "2025-02-14T10:09:22.000000Z"}, {"uuid": "108f0fb2-30d2-464a-8de9-ed41ef354ddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "https://t.me/cibsecurity/23665", "content": "\u203c CVE-2021-21315 \u203c\n\nThe System Information Library for Node.JS (npm package \"systeminformation\") is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1 there is a command injection vulnerability. Problem was fixed in version 5.3.1. As a workaround instead of upgrading, be sure to check or sanitize service parameters that are passed to si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad() ... do only allow strings, reject any arrays. String sanitation works as expected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-16T20:47:59.000000Z"}, {"uuid": "10de5954-c81c-4d2d-807d-0971c65421de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2865", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 2-8)\n\nCVE-2020-1350 - Exploit SIGRed/Windows DNS Server RCE\nCVE-2021-21972 - VMware vCenter RCE (PoC1, PoC2, PoC3)\nCVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065 - ProxyLogon MS Exchange Server RCE\nCVE-2021-21166 - Chrome Audio RCE\nCVE-2021-21978 - VMware View Planner\u00a0RCE\nCVE-2021-21315 - Node.JS OS sanitize service Parameters Command Injection\nCVE-2021-23132 - RCE in Joomla core <=3.9.24", "creation_timestamp": "2024-10-14T07:14:24.000000Z"}, {"uuid": "53f33ae0-1eb1-447a-82ef-cddfc054e9dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2821", "content": "#exploit\nCVE-2021-21315:\nNode.JS OS sanitize service Parameters Command Injection \nhttps://github.com/ForbiddenProgrammer/CVE-2021-21315-PoC\nPoC:\n[Victim Site]/api/getServices?name=$(echo -e 'Sekurak' > pwn.txt) [Victim Site]/api/getServices?name[]=$(echo -e 'Sekurak' > pwn.txt)", "creation_timestamp": "2021-10-28T05:17:06.000000Z"}, {"uuid": "7ed78fe8-0315-486a-8e73-ac5441122d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21315", "type": "published-proof-of-concept", "source": "https://t.me/BackupLulz/240", "content": "", "creation_timestamp": "2024-11-03T04:41:27.000000Z"}]}