{"vulnerability": "CVE-2021-22937", "sightings": [{"uuid": "03470bd8-a939-44a1-ae2c-fead6b71ad1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22937", "type": "seen", "source": "MISP/06bb11a9-6fa0-4f2e-97b1-45ded48e4662", "content": "", "creation_timestamp": "2024-11-14T06:09:34.000000Z"}, {"uuid": "8d03f422-679f-4e9e-89ed-6413ea513f01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22937", "type": "published-proof-of-concept", "source": "Telegram/OlmIWfCf04jqftw8Cq-ou5J6g6om_6u_87bzbeyzb222HA", "content": "", "creation_timestamp": "2021-08-06T13:54:25.000000Z"}, {"uuid": "fc9da890-ea53-40fb-bf3e-16e8e4057936", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22937", "type": "published-proof-of-concept", "source": "Telegram/PrpY9viYNwJsloEku2TiViFqt7xU58t-bPyhw4S2R6DOTw", "content": "", "creation_timestamp": "2021-08-06T17:57:30.000000Z"}, {"uuid": "53346052-053a-4400-9969-ccadc1ebd666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22937", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityIL/4542", "content": "\u05d7\u05d5\u05dc\u05e9\u05d4 \u05d7\u05d3\u05e9\u05d4 \u05d1\u05de\u05d5\u05e6\u05e8 \u05e9\u05dc Pulse Secure \u05de\u05d0\u05e4\u05e9\u05e8 \u05d4\u05e8\u05e6\u05ea \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 \u05e2\u05dd \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea Root. \n\n\u05d1\u05d7\u05d5\u05d3\u05e9 \u05de\u05d0\u05d9 2021 \u05d3\u05d9\u05d5\u05d5\u05d7 \u05d7\u05d5\u05e7\u05e8 \u05d0\u05d1\u05d8\"\u05de \u05db\u05d9 \u05de\u05e6\u05d0 \u05d7\u05d5\u05dc\u05e9\u05d4 \u05d1\u05de\u05d5\u05e6\u05e8 Pulse Connect Secure \u05d4\u05de\u05d0\u05e4\u05e9\u05e8\u05ea \u05dc\u05d5 \u05dc\u05d4\u05e8\u05d9\u05e5 \u05e7\u05d5\u05d3 \u05de\u05e8\u05d7\u05d5\u05e7 \u05e2\u05dd \u05d4\u05e8\u05e9\u05d0\u05d5\u05ea Root.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05d3\u05d5\u05d5\u05d7\u05d4 \u05dc\u05d7\u05d1\u05e8\u05ea Pulse Secure \u05d1\u05d0\u05de\u05e6\u05e2\u05d5\u05ea \u05e4\u05dc\u05d8\u05e4\u05d5\u05e8\u05de\u05ea HackerOne \u05d1\u05ea\u05d0\u05e8\u05d9\u05da 12.5.21 \u05d0\u05da \u05d1\u05de\u05e9\u05da \u05d7\u05d5\u05d3\u05e9\u05d9\u05d9\u05dd \"\u05d6\u05db\u05ea\u05d4\" \u05dc\u05d4\u05ea\u05e2\u05dc\u05de\u05d5\u05ea \u05de\u05e6\u05d3 Pulse Secure. \u05e8\u05e7 \u05d1-15.7.21 \u05d5\u05dc\u05d0\u05e8\u05d7 \u05e9\u05d1-HackerOne \u05d4\u05d5\u05d3\u05d9\u05e2\u05d5 \u05db\u05d9 \u05d1\u05d4\u05ea\u05d0\u05dd \u05dc\u05de\u05d3\u05d9\u05e0\u05d9\u05d5\u05ea \u05d4\u05d0\u05ea\u05e8 \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05ea\u05e4\u05d5\u05e8\u05e1\u05dd \u05d1\u05d0\u05d5\u05e4\u05df \u05e6\u05d9\u05d1\u05d5\u05e8\u05d9 \u05d1\u05e2\u05d5\u05d3 \u05de\u05e1\u05e4\u05e8 \u05d9\u05de\u05d9\u05dd \u05d4\u05d2\u05d9\u05d1\u05d5 \u05d1-Pulse Secure \u05d5\u05d3\u05d9\u05d5\u05d5\u05d7\u05d5 \u05db\u05d9 \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05ea\u05ea\u05d5\u05e7\u05df \u05d1\u05d4\u05e7\u05d3\u05dd \u05d5\u05d1\u05d9\u05e7\u05e9\u05d5 \u05dc\u05d0 \u05dc\u05e4\u05e8\u05e1\u05dd \u05d0\u05ea \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05e2\u05d3 \u05dc\u05ea\u05d9\u05e7\u05d5\u05df.\n\n\u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05d0\u05db\u05df \u05dc\u05d0 \u05e4\u05d5\u05e8\u05e1\u05de\u05d4 \u05d5\u05d4\u05e4\u05e8\u05e1\u05d5\u05dd \u05e0\u05d3\u05d7\u05d4 \u05e2\u05d3 \u05dc\u05d0\u05ea\u05de\u05d5\u05dc 5.8.21 \u05db\u05d0\u05e9\u05e8 Pulse Secure \u05e9\u05d7\u05e8\u05e8\u05d5 \u05e2\u05d3\u05db\u05d5\u05df \u05d1-2.8.21.\n\u05d4\u05d2\u05e8\u05e1\u05d4 \u05d4\u05de\u05e2\u05d5\u05d3\u05db\u05e0\u05ea \u05d4\u05d9\u05d0 9.1R12.\n\n(\u05ea\u05d5\u05d3\u05d4 \u05dc-Guy \u05e2\u05dc \u05d4\u05d4\u05e4\u05e0\u05d9\u05d9\u05d4 \u05dc\u05db\u05ea\u05d1\u05d4 \ud83d\ude4f\ud83c\udffb) \n\nhttps://t.me/CyberSecurityIL/1219\n\nhttps://research.nccgroup.com/2021/08/05/technical-advisory-pulse-connect-secure-rce-via-uncontrolled-archive-extraction-cve-2021-22937-patch-bypass/amp/", "creation_timestamp": "2021-08-06T14:51:28.000000Z"}, {"uuid": "20f125b8-b9a7-4fb6-ac95-562ff1962c9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22937", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4203", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Aug 1-31)\nCVE-2021-1675 - Print Spooler EoP\nhttps://t.me/cybersecuritytechnologies/3723\nCVE-2021-31956 - Win NTFS EoP\nhttps://t.me/cybersecuritytechnologies/4110\nCVE-2021-36958 - Print Spooler RCE\nhttps://mobile.twitter.com/gentilkiwi/status/1416429860566847490?s=20\nCVE-2021-39137 - A consensus-vuln in go-eth\nCVE-2021-22937 - Pulse ConnSecure RCE\nhttps://t.me/cybersecuritytechnologies/4044\nCVE-2021-34473 - Pre-auth Path Confusion\nhttps://www.zerodayinitiative.com/blog/2021/8/17/from-pwn2own-2021-a-new-attack-surface-on-microsoft-exchange-proxyshell\nCVE-2021-21225 - Vuln in V8's Array.prototype.concat\nhttps://t.me/cybersecuritytechnologies/4090\nCVE-2021-20090 - Path traversal in Buffalo routers\nhttps://t.me/cybersecuritytechnologies/3986\nCVE-2021-26084 - Confluence Server Webwork OGNL Inj\nhttps://t.me/cybersecuritytechnologies/4202\nCVE-2021-3711 - Vulns in OpenSSL\nhttps://nakedsecurity.sophos.com/2021/08/27/big-bad-decryption-bug-in-openssl-but-no-cause-for-alarm", "creation_timestamp": "2021-09-02T11:05:07.000000Z"}, {"uuid": "51057238-79a1-4512-abcc-c29ef990229e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22937", "type": "seen", "source": "https://t.me/cibsecurity/27395", "content": "\u203c CVE-2021-22937 \u203c\n\nA vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator to perform a file write via a maliciously crafted archive uploaded in the administrator web interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-16T22:14:53.000000Z"}, {"uuid": "2fd4f788-d5bf-4f75-8ab7-f2428ef96376", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22937", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4044", "content": "#Threat_Research\n1. Multiple Vulnerabilities in cPanel/WHM\nhttps://www.fortbridge.co.uk/research/multiple-vulnerabilities-in-cpanel-whm\n2. Pulse Connect Secure - RCE via Uncontrolled Archive Extraction - CVE-2021-22937 (Patch Bypass)\nhttps://research.nccgroup.com/2021/08/05/technical-advisory-pulse-connect-secure-rce-via-uncontrolled-archive-extraction-cve-2021-22937-patch-bypass", "creation_timestamp": "2021-08-11T12:29:23.000000Z"}]}