{"vulnerability": "CVE-2021-22053", "sightings": [{"uuid": "b031829c-73a7-4342-9917-3aa2fb7a1094", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22053", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-29)", "content": "", "creation_timestamp": "2025-06-29T00:00:00.000000Z"}, {"uuid": "6a8081b9-9207-43b3-8392-a883767af4b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22053", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-01)", "content": "", "creation_timestamp": "2025-06-01T00:00:00.000000Z"}, {"uuid": "79897a46-d016-4006-b17f-5eb1da3494ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22053", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-20)", "content": "", "creation_timestamp": "2025-11-20T00:00:00.000000Z"}, {"uuid": "6dee56f9-f322-46ba-ba95-910a65e8022d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22053", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1205", "content": "#exploit\n1. CVE-2021-42321:\nExchange Post-Auth RCE\nhttps://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398\n\n2. CVE-2021-22053:\nSpring Cloud Netflix Hystrix Dashboard\ntemplate resolution vulnerability\nhttps://github.com/SecCoder-Security-Lab/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053\n\n@BlueRedTeam", "creation_timestamp": "2021-11-22T10:37:29.000000Z"}, {"uuid": "987d99f3-f4a4-4ba6-9faa-50d15e9066a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22053", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-14)", "content": "", "creation_timestamp": "2025-08-14T00:00:00.000000Z"}, {"uuid": "9be195f1-f7fe-4cdb-a77e-5e67ac5c9f67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22053", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-21)", "content": "", "creation_timestamp": "2025-08-21T00:00:00.000000Z"}, {"uuid": "2d9d16e6-913a-4067-a3a9-dd2445d5434a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22053", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/464", "content": "Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability CVE-2021-22053\nhttps://github.com/SecCoder-Security-Lab/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053\n\nBypass CVE-2021-41379 patch in Windows 11 and Server 2022 with November 2021\nhttps://github.com/klinix5/InstallerFileTakeOver", "creation_timestamp": "2021-11-22T09:30:27.000000Z"}, {"uuid": "9822c621-3bef-425b-a682-bda577fc846d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22053", "type": "seen", "source": "https://t.me/cibsecurity/32701", "content": "\u203c CVE-2021-22053 \u203c\n\nApplications using both `spring-cloud-netflix-hystrix-dashboard` and `spring-boot-starter-thymeleaf` expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at `/hystrix/monitor;[user-provided data]`, the path elements following `hystrix/monitor` are being evaluated as SpringEL expressions, which can lead to code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-19T18:23:23.000000Z"}, {"uuid": "f84cb984-cc47-4d27-9ee4-bd11453b9139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22053", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4809", "content": "#exploit\n1. CVE-2021-42321:\nExchange Post-Auth RCE\nhttps://gist.github.com/testanull/0188c1ae847f37a70fe536123d14f398\n\n2. CVE-2021-22053:\nSpring Cloud Netflix Hystrix Dashboard\ntemplate resolution vulnerability\nhttps://github.com/SecCoder-Security-Lab/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053", "creation_timestamp": "2021-11-22T11:01:01.000000Z"}]}