{"vulnerability": "CVE-2021-2294", "sightings": [{"uuid": "0192c7bd-f4d4-4f54-865b-a9a3b72c1fa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22941", "type": "seen", "source": "MISP/63ddead6-4b82-414c-ad8e-c516b950b446", "content": "", "creation_timestamp": "2021-10-25T22:30:42.000000Z"}, {"uuid": "43a559cf-c8c0-4910-995e-84a9ef87e741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22941", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "945022cd-152a-4a29-b766-17eae31acd6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22941", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971450", "content": "", "creation_timestamp": "2024-12-24T20:29:31.447618Z"}, {"uuid": "ebf8c16e-3832-4d05-abbc-0bfac9520dee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-22947", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=715", "content": "", "creation_timestamp": "2022-01-12T04:00:00.000000Z"}, {"uuid": "a8152478-53b7-47d0-b2aa-cea8d5eef6ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22941", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:29.000000Z"}, {"uuid": "5f7094f8-ebb6-4c10-99a7-7eb49976563a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22947", "type": "published-proof-of-concept", "source": "https://t.me/poxek/449", "content": "\u0418\u0442\u043e\u0433\u0438 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 patch tuesday \u043e\u0442 microsoft.\n\n\u041f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0438 \u0441\u0443\u043c\u043c\u0430\u0440\u043d\u043e 96, \u0447\u0442\u043e \u043d\u0430 29 \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0437\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 (RCE, privesc, spoofing, xss)\u0432 \u0446\u0435\u043b\u043e\u043c \u0437\u043e\u043e\u043f\u0430\u0440\u043a\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, microsoft exchange server, microsoft office, windows kernel, windows defender, RDP, windows certificate, microsoft teams.\n\n\u0421\u0440\u0435\u0434\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0442, \u043e\u0447\u0435\u0432\u0438\u0434\u043d\u043e, 0day, \u0430 \u0438\u0445 \u0446\u0435\u043b\u044b\u0445 6:\n\u2022 CVE-2021-22947 - RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 curl, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 Man-in-The-Middle;\n\u2022 CVE-2021-36976 \u2014 use-after-free \u0432 libarchive, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a RCE;\n\u2022 CVE-2022-21874 \u2014- RCE \u0432 api windows security center;\n\u2022 CVE-2022-21919 \u2014 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 windows user profile service, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC;\n\u2022 CVE-2022-21839 \u2014 DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 windows event tracing discretionary access control list;\n\u2022 CVE-2022-21836 \u2014 \u0441\u043f\u0443\u0444\u0438\u043d\u0433 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432, PoC \u0442\u0430\u043a \u0436\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.\n\n\u0412 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0445 0day, \u043d\u044b\u043d\u0435\u0448\u043d\u0438\u0435 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043a\u0430\u0436\u0435\u0442\u0441\u044f, \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b, \u043d\u0435 \u0431\u044b\u043b\u0438, \u0447\u0442\u043e, \u043d\u0435\u0441\u043e\u043c\u043d\u0435\u043d\u043d\u043e, \u0440\u0430\u0434\u0443\u0435\u0442.\n\n\u0421\u0430\u043c\u044b\u043c \u043e\u043f\u0430\u0441\u043d\u044b\u043c \u043d\u0430\u0437\u0432\u0430\u043b\u0438 \u0447\u0435\u0440\u0432\u0435\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u0439 \u0431\u0430\u0433 CVE-2022-21907. \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u0435\u0442 \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u0438 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u0442\u0430\u043a\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432.\n@NeKaspersky", "creation_timestamp": "2022-01-12T13:10:46.000000Z"}, {"uuid": "a858dff9-526f-4fcf-8bad-88fceb1b8f48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-22941", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/82db75b3-6cd5-42d5-8225-9acacda3d549", "content": "", "creation_timestamp": "2026-02-02T12:27:59.067603Z"}, {"uuid": "de265f56-8c0b-46fd-9151-d78d9e18211f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22941", "type": "published-proof-of-concept", "source": "Telegram/-j9GoQjMLfU83nNXg48f-GpPBYCZFQAe4vs-fv-sdiLYcz8", "content": "", "creation_timestamp": "2025-12-02T09:00:05.000000Z"}, {"uuid": "59adbce4-fa06-409e-aa31-9c7712b6728f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22941", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7323", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941) \u2013 A Walk-Through.\n\nhttps://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html?m=1", "creation_timestamp": "2021-09-26T17:27:29.000000Z"}, {"uuid": "3385db36-c6ae-4a6c-a12b-5f2c3b5fa7b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22946", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mjo2ekwqut2l", "content": "", "creation_timestamp": "2026-04-17T04:07:08.767737Z"}, {"uuid": "465ff964-fbdd-4161-a67f-22dbfd935319", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22947", "type": "seen", "source": "https://t.me/true_secator/2513", "content": "\u200b\u200b\u041f\u043e\u0434\u044a\u0435\u0445\u0430\u043b \u0432\u043d\u0443\u0448\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u044f\u043d\u0432\u0430\u0440\u0441\u043a\u0438\u0439 Patch Tuesday \u043e\u0442 Microsoft: \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 97 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a (\u043d\u0435 \u0441\u0447\u0438\u0442\u0430\u044f 29 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Microsoft Edge), 9 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u00ab\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435\u00bb, 88 \u043a\u0430\u043a \u00ab\u0432\u0430\u0436\u043d\u044b\u0435\u00bb \u0438 6 - 0-day.\n \n\u0421\u0440\u0435\u0434\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445:\n-      CVE-2021-22947 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 Curl, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430.\n-      CVE-2021-36976 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Libarchive, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430.\n-      CVE-2022-21919 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u043f\u0440\u043e\u0444\u0438\u043b\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0430\u0432.\n-      CVE-2022-21836 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 Windows.\n-      CVE-2022-21839 \u2014 \u0442\u0440\u0430\u0441\u0441\u0438\u0440\u043e\u0432\u043a\u0430 \u0441\u043e\u0431\u044b\u0442\u0438\u0439 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0442\u043a\u0430\u0437\u043e\u043c \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0441\u043f\u0438\u0441\u043a\u0430 \u0434\u0438\u0441\u043a\u0440\u0435\u0446\u0438\u043e\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n-      CVE-2022-21874 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows Security Center API, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430.\n \n\u0412 \u0446\u0435\u043b\u043e\u043c, Microsoft Patch \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Microsoft Windows, Microsoft Edge, Exchange Server, Microsoft Office, SharePoint Server, NET Framework, Microsoft Dynamics, \u041f\u041e \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, Windows Hyper-V, \u0417\u0430\u0449\u0438\u0442\u043d\u0438\u043a Windows \u0438 RDP.\n \n\u0412 \u0447\u0438\u0441\u043b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0432\u044b\u0434\u0435\u043b\u0438\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 HTTP (http.sys) \u0438 \u0431\u0430\u0433\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Exchange Server.\n \n\u0421\u0430\u043c\u0430\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0438\u0437 \u0432\u0441\u0435\u0445 CVE-2022-21907 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 wormable-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0430\u043a\u0435\u0442\u044b \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0432\u0435\u0440, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u0442\u0435\u043a \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 HTTP \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432.\n \n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u043c\u0435\u0442\u043a\u0443 \u043d\u043e\u0432\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0435 Microsoft Exchange CVE-2022-21846, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u043e \u0410\u041d\u0411 \u0421\u0428\u0410. Microsoft \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441 Exchange Server \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0446\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430.\n \n\u041f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u0430 CVE \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Microsoft Office, \u0442\u0430\u043a\u0436\u0435 \u044f\u0432\u043b\u044f\u044e\u0449\u0430\u044f\u0441\u044f \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0432 Patch Tuesday. CVE-2022-21840 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n \n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0438 \u043e\u0431\u043c\u0430\u043d\u043e\u043c \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0432 \u0435\u0433\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c. \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0431\u044b\u043b \u043e\u0446\u0435\u043d\u0435\u043d \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0449\u0438\u0445 \u0434\u0438\u0430\u043b\u043e\u0433\u043e\u0432\u044b\u0445 \u043e\u043a\u043e\u043d \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430.\n \n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0434\u043e\u043c\u0435\u043d\u043d\u044b\u0445 \u0441\u043b\u0443\u0436\u0431\u0430\u0445 Active Directory \u0438 \u043e\u0448\u0438\u0431\u043a\u0443 Curl \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u0431\u044b\u043b\u0430 \u0435\u0449\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0438 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0435\u0449\u0435 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n \n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0431\u044a\u0435\u043c \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0433\u043e Patch Tuesday, \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 Microsoft \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043f\u043e\u0434 Office 2019 \u0434\u043b\u044f Mac \u0438 Microsoft Office LTSC \u0434\u043b\u044f Mac 2021, \u043d\u043e \u043e\u0431\u0435\u0449\u0430\u0435\u0442 \u044d\u0442\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f.\n \n\u0422\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0443 \u043d\u0435\u0435 \u043d\u0435\u0442 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u0430\u043a\u0430\u044f-\u043b\u0438\u0431\u043e \u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 - \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2022-01-12T17:30:00.000000Z"}, {"uuid": "814f315e-5769-4116-95e9-19eb0761dcef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22941", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/73", "content": "RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941) \u2013 A Walk-Through\n\ud83d\udc64 by Markus Wulftange\n\nThe vulnerability is triggerable when processing user upload requests, which can lead to Unauthorized RCE.\n\n\ud83d\udcdd Contents:\n\u2022 Background\n\u2022 The Travelogue\n  \u2022 Finding A Path From Sink To Source\n  \u2022 Are We Still on Track?\n\u2022 What's in the backpack?\n  \u2022 Running With Razor\n\u2022 Timeline and fix\n\nhttps://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html", "creation_timestamp": "2021-09-21T12:50:00.000000Z"}, {"uuid": "d73575ca-606a-40c6-8326-e5d03f051104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22946", "type": "seen", "source": "https://t.me/ctinow/40326", "content": "curl: CVE-2021-22946: Protocol downgrade required TLS bypassed\n\nhttps://ift.tt/3lOM9fK", "creation_timestamp": "2021-09-24T16:11:22.000000Z"}, {"uuid": "9fcb85c5-ff79-4e93-b9ea-1e27eca5fd50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22947", "type": "seen", "source": "https://t.me/NeKaspersky/1670", "content": "\u0418\u0442\u043e\u0433\u0438 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 patch tuesday \u043e\u0442 microsoft.\n\n\u041f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0438 \u0441\u0443\u043c\u043c\u0430\u0440\u043d\u043e 96, \u0447\u0442\u043e \u043d\u0430 29 \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0437\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 (RCE, privesc, spoofing, xss)\u0432 \u0446\u0435\u043b\u043e\u043c \u0437\u043e\u043e\u043f\u0430\u0440\u043a\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, microsoft exchange server, microsoft office, windows kernel, windows defender, RDP, windows certificate, microsoft teams.\n\n\u0421\u0440\u0435\u0434\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0442, \u043e\u0447\u0435\u0432\u0438\u0434\u043d\u043e, 0day, \u0430 \u0438\u0445 \u0446\u0435\u043b\u044b\u0445 6:\n\u2022 CVE-2021-22947 - RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 curl, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 Man-in-The-Middle;\n\u2022 CVE-2021-36976 \u2014 use-after-free \u0432 libarchive, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a RCE;\n\u2022 CVE-2022-21874 \u2014 RCE \u0432 api windows security center;\n\u2022 CVE-2022-21919 \u2014 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 windows user profile service, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC;\n\u2022 CVE-2022-21839 \u2014 DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 windows event tracing discretionary access control list;\n\u2022 CVE-2022-21836 \u2014 \u0441\u043f\u0443\u0444\u0438\u043d\u0433 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432, PoC \u0442\u0430\u043a \u0436\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.\n\n\u0412 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0445 0day, \u043d\u044b\u043d\u0435\u0448\u043d\u0438\u0435 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043a\u0430\u0436\u0435\u0442\u0441\u044f, \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b, \u043d\u0435 \u0431\u044b\u043b\u0438, \u0447\u0442\u043e, \u043d\u0435\u0441\u043e\u043c\u043d\u0435\u043d\u043d\u043e, \u0440\u0430\u0434\u0443\u0435\u0442.\n\n\u0421\u0430\u043c\u044b\u043c \u043e\u043f\u0430\u0441\u043d\u044b\u043c \u043d\u0430\u0437\u0432\u0430\u043b\u0438 \u0447\u0435\u0440\u0432\u0435\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u0439 \u0431\u0430\u0433 CVE-2022-21907. \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u0435\u0442 \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u0438 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u0442\u0430\u043a\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432.\n@NeKaspersky", "creation_timestamp": "2022-01-12T14:49:26.000000Z"}, {"uuid": "7e7719d2-57c9-4965-909d-1b7f08891e4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22947", "type": "seen", "source": "https://t.me/cibsecurity/29684", "content": "\u203c CVE-2021-22947 \u203c\n\nWhen curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-30T00:37:11.000000Z"}, {"uuid": "59139e0c-08f0-47c9-b476-c34dede5ccd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22942", "type": "seen", "source": "https://t.me/ctinow/178113", "content": "https://ift.tt/VOuXloP\nCVE-2021-22942 Ruby on Rails Vulnerability in NetApp Products", "creation_timestamp": "2024-02-02T15:27:17.000000Z"}, {"uuid": "4ca931ac-ab04-48c6-b4c4-ab545cb54c4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22946", "type": "seen", "source": "https://t.me/cibsecurity/29681", "content": "\u203c CVE-2021-22946 \u203c\n\nA user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-30T00:37:08.000000Z"}, {"uuid": "55939853-62c6-4395-86d4-e7f64fc967cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22942", "type": "seen", "source": "https://t.me/cibsecurity/30689", "content": "\u203c CVE-2021-22942 \u203c\n\nA possible open redirect vulnerability in the Host Authorization middleware in Action Pack >= 6.0.0 that could allow attackers to redirect users to a malicious website.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-18T16:32:09.000000Z"}, {"uuid": "99f27377-c231-4a61-9190-319c5d3e29c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22941", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3190", "content": "RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941) \u2013 A Walk-Through\n\nhttps://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html", "creation_timestamp": "2021-09-22T08:23:35.000000Z"}, {"uuid": "af147847-6243-44e8-800d-8843aa32e748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22944", "type": "seen", "source": "https://t.me/cibsecurity/28106", "content": "\u203c CVE-2021-22944 \u203c\n\nA vulnerability found in UniFi Protect application V1.18.1 and earlier allows a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-31T20:33:38.000000Z"}, {"uuid": "af983651-ffc4-4c1b-88da-da084cdca164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22943", "type": "seen", "source": "https://t.me/cibsecurity/28103", "content": "\u203c CVE-2021-22943 \u203c\n\nA vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect camera(s) assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-31T20:33:35.000000Z"}, {"uuid": "ae64ed3d-fca1-428b-bb58-64084a419090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22949", "type": "seen", "source": "https://t.me/cibsecurity/29282", "content": "\u203c CVE-2021-22949 \u203c\n\nA CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to UI inconvenience, and exhaustion of disk space.Credit for discovery: \"Solar Security CMS Research Team\"\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:29:46.000000Z"}, {"uuid": "2c154663-42d0-4389-b776-492db5c1b5d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22945", "type": "seen", "source": "https://t.me/cibsecurity/29292", "content": "\u203c CVE-2021-22945 \u203c\n\nWhen sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:29:58.000000Z"}, {"uuid": "8113da08-ad3f-44d0-9b0d-ffd3d4f05fff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22948", "type": "seen", "source": "https://t.me/cibsecurity/29294", "content": "\u203c CVE-2021-22948 \u203c\n\nVulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the cryptographically insecure uniqid() PHP function. Under some circumstances, an attacker could theoretically be able to brute force session IDs in order to take over a specific account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:30:00.000000Z"}, {"uuid": "7520fd80-0612-4f03-8a80-a78c56d88831", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22941", "type": "seen", "source": "https://t.me/cibsecurity/29297", "content": "\u203c CVE-2021-22941 \u203c\n\nImproper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an unauthenticated attacker to remotely compromise the storage zones controller.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T16:30:07.000000Z"}, {"uuid": "ceab3e62-fcc1-4553-9e13-6318ea7f2a02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22941", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/5672", "content": "RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941) \u2013 A Walk-Through\n\nhttps://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html", "creation_timestamp": "2021-09-21T23:19:50.000000Z"}, {"uuid": "d3485db2-fbc6-411f-9151-65c7d1df0c2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22941", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4350", "content": "#Offensive_security\n1. CVE-2021-22941:\nRCE in Citrix ShareFile Storage Zones Controller\nhttps://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html\n2. Helper scripts to assist penetration testing\nand exploit development\nhttps://github.com/greyshell/exploit_dev", "creation_timestamp": "2022-05-27T12:42:32.000000Z"}]}