{"vulnerability": "CVE-2021-22204", "sightings": [{"uuid": "060b00cc-7eec-41aa-873b-edec66f48506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "MISP/e5b7acd7-edb8-4bf3-99c3-8706ff3a9a71", "content": "", "creation_timestamp": "2021-10-01T09:39:06.000000Z"}, {"uuid": "a9e5a75f-8a7b-49aa-8ddd-ca577be58d36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "19d560e4-79ff-47c4-95f2-250e03342863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971175", "content": "", "creation_timestamp": "2024-12-24T20:25:23.273429Z"}, {"uuid": "e31545cb-3ee7-4430-b6a7-f9ed445fa42f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "d7ea1640-f2cd-462c-8c87-c2de1de7dff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:52.000000Z"}, {"uuid": "05e6867d-1d52-46ff-893a-10b3d440892a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:34.000000Z"}, {"uuid": "f9f91f81-f962-402b-818f-3af293b8857c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1448", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aA complete PoC for CVE-2021-22204 exiftool RCE \nURL\uff1ahttps://github.com/0xBruno/CVE-2021-22204", "creation_timestamp": "2022-01-30T03:13:33.000000Z"}, {"uuid": "f8c5dfa3-c592-4999-9046-fbefbd8ef851", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:37.000000Z"}, {"uuid": "4cdfab56-ac97-4dfe-a4a8-2287f9992332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/gitlab_exif_rce.rb", "content": "", "creation_timestamp": "2021-11-03T21:17:46.000000Z"}, {"uuid": "0727b3e1-9846-4086-a67b-778d925553dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/fileformat/exiftool_djvu_ant_perl_injection.rb", "content": "", "creation_timestamp": "2021-05-11T21:49:48.000000Z"}, {"uuid": "edd2f633-5032-49dd-b4d0-dae7200897af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-22204", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/55d4bde7-37fe-41ed-9329-04b2602082a8", "content": "", "creation_timestamp": "2026-02-02T12:28:32.701024Z"}, {"uuid": "333661fb-5c31-42ab-8102-16b077c9d5af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "published-proof-of-concept", "source": "Telegram/d-rVDZTUKUG3IYUJ4BAdDnIieq971JGpK_Ia99hM3eRIwok", "content": "", "creation_timestamp": "2025-10-28T09:00:04.000000Z"}, {"uuid": "0ae0b746-588a-4f73-b178-1624cdfa5e64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://t.me/cKure/5126", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 RCE on exiftool (CVE-2021-22204).", "creation_timestamp": "2021-05-02T07:56:58.000000Z"}, {"uuid": "1c577dbd-aa78-467c-b3db-c7425e988e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "published-proof-of-concept", "source": "https://t.me/cKure/5329", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 ExifTool CVE-2021-22204 - Arbitrary Code Execution.\n\nhttps://devcraft.io/2021/05/04/exiftool-arbitrary-code-execution-cve-2021-22204.html", "creation_timestamp": "2021-05-14T22:54:08.000000Z"}, {"uuid": "1101ed02-acb9-4491-95e0-8bf57e245e28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/37", "content": "ExifTool CVE-2021-22204 - Arbitrary Code Execution discovered by @vakzz.\n\nThe story of finding an ImageTragick-esque vulnerability, originally in gitlab. Go down the rabbit hole of image parsing with perl!\n\nContents:\n \u2022 Background\n \u2022 The Bug\n \u2022 Additional Formats\n \u2022 Bonus Formats\n \u2022 References\n\nhttps://devcraft.io/2021/05/04/exiftool-arbitrary-code-execution-cve-2021-22204.html", "creation_timestamp": "2021-05-17T19:44:30.000000Z"}, {"uuid": "3a2a60b6-a37d-4f9b-9944-09932b669ce8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "published-proof-of-concept", "source": "https://t.me/m1swarr1or/91", "content": "\u041e\u0443, \u043c\u0430\u0439. \u0422\u0430\u043a \u0445\u043e\u0447\u0435\u0442\u0441\u044f \u0438\u0445 \u044d\u043d\u0442\u0435\u0440\u043f\u0440\u0430\u0439\u0437 \u0430\u043f\u0438)) \n\n\u041f\u043e\u043b\u043e\u043c\u0430\u043b\u0438 \u0432\u0435\u0441\u044c\u043c\u0430 \u0437\u0430\u0431\u0430\u0432\u043d\u043e, CVE-2021-22204 \u043d\u0430 rce \u0447\u0435\u0440\u0435\u0437 djvu \u0444\u043e\u0440\u043c\u0430\u0442 \u0432 exiftool. \u041f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e \u0442\u043e\u0442\u0430\u043b \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 exiftool \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u0445\u043e\u0441\u0442\u0430\u0445, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0447\u0435\u043b\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0440\u0435\u0432\u0435\u0440\u0441 \u0448\u0435\u043b\u043b \u0447\u0435\u0440\u0435\u0437 \u0432\u043e\u0442 \u0442\u0430\u043a\u043e\u0439 \u0444\u0430\u0439\u043b, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u043e\u0441\u0442\u043e \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u043b\u0438 \u043d\u0430 \u0430\u043d\u0430\u043b\u0438\u0437.\n\ncontent: (metadata \"\\c${system('bash -c \\\"{echo,BASE64-ENCODED-COMMAND-TO-BE-EXECUTED }|{base64,-d }|{bash,-i }\\\" ; clear') };\")", "creation_timestamp": "2022-04-25T22:15:20.000000Z"}, {"uuid": "3fa09414-ac6b-47af-88a1-0da260230305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/4086", "content": "\u0415\u0441\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0435\u0441\u044c ExifTool, \u0442\u043e \u0432\u0430\u043c \u0430\u043f\u0434\u0435\u0439\u0442! \n\nhttps://devcraft.io/2021/05/04/exiftool-arbitrary-code-execution-cve-2021-22204.html", "creation_timestamp": "2021-05-19T08:06:32.000000Z"}, {"uuid": "4983a08d-7088-44e8-8afd-854ac441366c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://t.me/reconshell/687", "content": "CVE-2021-22204\n\nImproper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image\n\nhttps://cve.reconshell.com/cve/CVE-2021-22204", "creation_timestamp": "2021-04-24T09:07:19.000000Z"}, {"uuid": "aeb206a2-7c08-47e5-92c9-709f4bd1e5a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://t.me/arpsyndicate/42", "content": "#ExploitObserverAlert\n\nCVE-2021-22204\n\nDESCRIPTION: Exploit Observer has 84 entries related to CVE-2021-22204. Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image\n\nFIRST-EPSS: 0.875560000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-10T19:46:04.000000Z"}, {"uuid": "db688869-20e2-4b4d-a3ec-38a7ca1fab6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "published-proof-of-concept", "source": "https://t.me/hack_room_channel/149", "content": "CVE-2021-22204\n\nUne neutralisation incorrecte des donn\u00e9es utilisateur dans le format de fichier DjVu dans les versions 7.44 et ult\u00e9rieures d'ExifTool permet l'ex\u00e9cution de code arbitraire lors de l'analyse de l'image malveillante.\n\nhttps://github.com/LazyTitan33/CVE-2021-22204", "creation_timestamp": "2022-01-24T06:32:07.000000Z"}, {"uuid": "835cb3f7-c973-412d-842f-44f5370ca64f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "published-proof-of-concept", "source": "https://t.me/hack_room_channel/148", "content": "CVE-2021-22204\n\nImproper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image. \n\nhttps://github.com/LazyTitan33/CVE-2021-22204", "creation_timestamp": "2022-01-24T06:31:11.000000Z"}, {"uuid": "bbf56287-ab88-4e09-848b-02f1311b3f52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/402", "content": "CVE-2021-22204 ExifTool\u4efb\u610f\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-22204_ExifTool%E4%BB%BB%E6%84%8F%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-11T09:56:55.000000Z"}, {"uuid": "1c069330-1b65-4b0a-b8cc-9223c8c28562", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://t.me/true_secator/2887", "content": "\u034f\u041e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u043f\u0440\u0438\u043c\u0435\u0440, \u043a\u043e\u0433\u0434\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u043d\u0430 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0435\u0440\u0435\u0436\u0435\u043d\u0438\u0435 \u043e\u0442 \u0443\u0433\u0440\u043e\u0437 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u0441\u0430\u043c\u0430 \u0432\u044b\u0441\u0442\u0443\u043f\u0430\u0442\u044c \u0443\u0433\u0440\u043e\u0437\u043e\u0439.\n\n\u042d\u043d\u0442\u0443\u0437\u0438\u0430\u0441\u0442\u044b \u0438\u0437 Cysource \u043d\u0435 \u043f\u043e\u043b\u0435\u043d\u0438\u043b\u0438\u0441\u044c \u0438 \u0440\u0435\u0448\u0438\u043b\u0438 \u043e\u0442\u0430\u0443\u0434\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0430\u043c VirusTotal \u0438 \u043a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u0432\u044b\u0448\u043b\u043e \u044d\u0442\u043e \u0443 \u043d\u0438\u0445 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0443\u0441\u043f\u0435\u0448\u043d\u043e. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 VirusTotal \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0440\u0443\u0434\u0438\u044f \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (RCE) \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445-\u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u044b\u0435 \u0434\u0432\u0438\u0436\u043a\u0438.\n\n\u0411\u0430\u0433\u0443 \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u043f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0438 \u0435\u0449\u0435 13 \u0430\u043f\u0440\u0435\u043b\u044f 2021 \u0433\u043e\u0434\u0430, \u043d\u043e \u0434\u043b\u044f \u0441\u043f\u0440\u0430\u0432\u043a\u0438 \u0438\u0437-\u0437\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 RCE \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0433 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b.\n\n\u041c\u0435\u0442\u043e\u0434 \u0430\u0442\u0430\u043a\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u043b \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0444\u0430\u0439\u043b\u0430 DjVu \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0435\u0433\u043e \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 ExifTool - \u0443\u0442\u0438\u043b\u0438\u0442\u0435 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u0438 \u0440\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043c\u0435\u0442\u0430\u0434\u0430\u043d\u043d\u044b\u0445 EXIF \u0432 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f\u0445 \u0438 PDF-\u0444\u0430\u0439\u043b\u0430\u0445.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a CVE-2021-22204 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043e\u0446\u0435\u043d\u043a\u0443 7,8 \u043f\u043e CVSS \u0438 \u0440\u0430\u0441\u0441\u043c\u0430\u0442\u0440\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041a\u0430\u043a \u043c\u044b \u043f\u043e\u043c\u043d\u0438\u043c VirusTotal, \u0432\u0445\u043e\u0434\u0438\u0442 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432 \u043f\u043e\u0434\u0440\u0430\u0437\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Google Chronicle \u0438 \u043a\u0430\u0436\u0434\u044b\u0439 \u0440\u0430\u0437, \u043a\u043e\u0433\u0434\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438 \u0444\u0430\u0439\u043b \u0441 \u043d\u043e\u0432\u043e\u0439 \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439, VirusTotal \u0431\u043b\u0430\u0433\u043e\u043f\u043e\u043b\u0443\u0447\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b \u044d\u0442\u043e\u0442 \u0444\u0430\u0439\u043b \u0434\u0440\u0443\u0433\u0438\u043c \u0445\u043e\u0441\u0442\u0430\u043c. \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043f\u043e\u043c\u0438\u043c\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0435\u0449\u0435 \u0438 \u0441\u0430\u043c\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0430\u0441\u044c \u043f\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0441\u0435\u0442\u0438 Google \u0435\u0451 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0438 \u043f\u0430\u0440\u0442\u043d\u0451\u0440\u0430\u043c.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Google, \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u043b\u0441\u044f \u0434\u043e\u0441\u0442\u0443\u043f \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c \u043a 50 \u0445\u043e\u0441\u0442\u0430\u043c, \u043f\u0440\u0438\u0447\u0451\u043c \u0434\u043e\u0441\u0442\u0443\u043f \u0431\u044b\u043b \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0440\u0435\u0431\u044f\u0442\u0430 \u043d\u0435 \u0441\u043f\u0435\u0448\u0438\u043b\u0438 \u0441 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.", "creation_timestamp": "2022-04-26T13:58:09.000000Z"}, {"uuid": "2fd949c4-08f7-46d2-ba79-89c6034ce902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "published-proof-of-concept", "source": "https://t.me/NeKaspersky/2173", "content": "\u041c\u043d\u043e\u0433\u043e \u0448\u0443\u043c\u0430 \u0438\u0437 \u043d\u0438\u0447\u0435\u0433\u043e, \u0438\u043b\u0438 \u043a\u0430\u043a \u0432 VirusTotal RCE \u043d\u0430\u0448\u043b\u0438\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Cysource \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438, \u0447\u0442\u043e \u0433\u0443\u0433\u043b\u043e\u0432\u0441\u043a\u0438\u0439 VirusTotal \u043c\u043e\u0433 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c RCE \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u0430\u0445. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u043b\u0430\u0441\u044c \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0440\u044f\u0434 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e ExifTool, \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u043a CVE-2021-22204 (7.8 CVSS). \u0414\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0437\u0430\u0432\u0435\u0442\u043d\u043e\u0433\u043e reverse shell-\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u044b\u043b\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u0430\u0439\u0442\u0430 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043d\u0430 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 DjVu-\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0447\u0442\u043e-\u0442\u043e \u043d\u0430\u043f\u043e\u0434\u043e\u0431\u0438\u0435 content: (metadata \"\\c${system('bash -c \\\"{echo,\u0432\u0430\u0448_\u043f\u0435\u0439\u043b\u043e\u0434_\u0432_base64 }|{base64,-d }|{bash,-i }\\\" ; clear') };\") \u0438, \u043f\u043e\u0442\u0438\u0440\u0430\u044f \u0440\u0443\u043a\u0438 \u0438 \u0437\u043b\u043e\u0431\u043d\u043e \u0441\u043c\u0435\u044f\u0441\u044c, \u043e\u0436\u0438\u0434\u0430\u0442\u044c.\n\n\u041e \u0431\u0430\u0433\u0435 \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438, \u0435\u0433\u043e \u0441\u0442\u043e\u043b\u044c \u0436\u0435 \u0431\u044b\u0441\u0442\u0440\u043e \u043f\u043e\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0438 \u0442.\u0434, \u043d\u043e \u0441\u0443\u0442\u044c \u0441\u043b\u0435\u0433\u043a\u0430 \u0432 \u0434\u0440\u0443\u0433\u043e\u043c: \u0432\u043e-\u043f\u0435\u0440\u0432\u044b\u0445, \u043a\u0430\u043a \u043f\u043e\u043d\u044f\u0442\u043d\u043e \u0438\u0437 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f, \u043a\u043e\u0441\u044f\u043a \u0431\u044b\u043b \u0432\u043e\u043e\u0431\u0449\u0435 \u043d\u0435 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b VT, \u0432\u043e-\u0432\u0442\u043e\u0440\u044b\u0445, \u043f\u0440\u0438 \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 (\u0437\u0430 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c \u043d\u0435\u043f\u043e\u0444\u0438\u043a\u0448\u0435\u043d\u043d\u043e\u0433\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0431\u0430\u0433\u0430) \u0442\u0435\u0445 \u0436\u0435 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446, \u043f\u0440\u0438 \u0432\u0441\u0435\u043c \u0436\u0435\u043b\u0430\u043d\u0438\u0438 \u043e\u0442\u0442\u0443\u0434\u0430 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u0441\u044f \u0432\u044b\u0442\u0430\u0449\u0438\u0442\u044c \u043d\u0438\u0447\u0435\u0433\u043e \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0433\u043e. \u0412 \u043e\u0431\u0449\u0435\u043c, \u043d\u0435 \u0432\u0435\u0434\u0438\u0442\u0435\u0441\u044c \u043d\u0430 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u0438, \u0434\u0440\u0443\u0437\u044c\u044f.\n@NeKaspersky", "creation_timestamp": "2022-04-27T17:59:50.000000Z"}, {"uuid": "8955b034-f754-47e1-a843-e2152cf40d6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://t.me/reconshell/705", "content": "CVE-2021-22204\n\nImproper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image\n\nhttps://cve.reconshell.com/cve/CVE-2021-22204", "creation_timestamp": "2021-05-16T17:27:59.000000Z"}, {"uuid": "d4ab0ea4-18ce-44e8-82a3-d62804ed8442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3279", "content": "#Analytics\nTop 10 Most Used Vulnerabilities of the Month (April 1-30)\n\nCVE-2020-13379 - Unauth Full-Read SSRF in Grafana\nhttps://t.me/cybersecuritytechnologies/1515\nCVE-2021-24086 - Win IPv4/6 Stack RCE/DoS Vulns\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-22893 Pulse SecureVPN RCE\nhttps://t.me/cybersecuritytechnologies/3185\nCVE-2021-28310 - Win32k EoP Vulnerability\nhttps://t.me/cybersecuritytechnologies/3124\nCVE-2021-26411 - IE mshtml UAF\nhttps://t.me/cybersecuritytechnologies/2908\nCVE-2021-22204 - DjVu improper neutralization of user data\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-24027 - Remote exploitation of a man-in-the-disk vulnerability in WhatsApp\nhttps://t.me/cybersecuritytechnologies/3126\nCVE-2021-28316 - Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability\nhttps://t.me/cybersecuritytechnologies/3156\nCVE-2021-28480/28482 - MS Exchange Server RCE\nhttps://www.tenable.com/blog/cve-2021-28480-cve-2021-28481-cve-2021-28482-cve-2021-28483-four-critical-microsoft-exchange", "creation_timestamp": "2024-04-30T17:11:44.000000Z"}, {"uuid": "9b1c4f76-c835-4f12-b86e-83897a61da40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/515", "content": "A CTF-style walkthrough of the recent Exiftool arbitrary code execution vuln (CVE-2021-22204) - https://blog.bricked.tech/posts/exiftool/", "creation_timestamp": "2021-05-16T02:08:54.000000Z"}, {"uuid": "b987319d-1e1d-4ebb-bc98-f95e09edabe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3219", "content": "#Analytics\n10 most exploited vulnerabilities of the week (April 19-25)\nCVE-2021-3156 Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-1732 Win kernel 0-day\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-22893 Pulse SecureVPN RCE\nhttps://t.me/cybersecuritytechnologies/3185\nCVE-2021-22204 Improper neutralization of user data in DjVu\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-26415 Win Installer EoP\nhttps://t.me/cybersecuritytechnologies/3186\nCVE-2021-3493 OverlayFS PE\nhttps://t.me/cybersecuritytechnologies/3164\nCVE-2021-26413 Win Installer Spoofing\nhttps://t.me/cybersecuritytechnologies/3176\nCVE-2016-7836 SKYSEA Client View Arbitrary Code Exec\nhttps://www.virusbulletin.com/virusbulletin/2020/05/vb2019-paper-apt-cases-exploiting-vulnerabilities-regionspecific-software\nCVE-2021-27905 Apache Solr SSRF\nhttps://t.me/cybersecuritytechnologies/3213", "creation_timestamp": "2021-04-26T11:02:21.000000Z"}, {"uuid": "6293612a-587a-4a6b-b704-3f1c64c24491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22204", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3506", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (may 1-31)\nCVE-2021-31166 - HTTP Stack RCE\nhttps://t.me/cybersecuritytechnologies/3388\nCVE-2021-21551 -Dell BIOS Driver PE\nhttps://t.me/cybersecuritytechnologies/3293\nCVE-2021-30747 -Covert channel in Apple M1\nhttps://t.me/cybersecuritytechnologies/3472\nCVE-2021-22204 -DjVu vuln\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-28482 -MS Exchange RCE\nhttps://t.me/cybersecuritytechnologies/3286\nCVE-2021-21974 -VMware\u00a0ESXi heap-overflow\nhttps://t.me/cybersecuritytechnologies/3460\nCVE-2021-29447 -WordPress XXE\nhttps://t.me/cybersecuritytechnologies/3142\nCVE-2021-21985 - vSphere Client RCE\nhttps://t.me/cybersecuritytechnologies/3493\nCVE-2021-32471 -ACE in TuringMachine\nhttps://t.me/cybersecuritytechnologies/3364\nCVE-2021-3490 -Linux Kernel eBPF\nhttps://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=049c4e13714ecbca567b4d5f6d563f05d431c80e", "creation_timestamp": "2024-09-28T16:48:46.000000Z"}]}