{"vulnerability": "CVE-2021-2298", "sightings": [{"uuid": "ad9b4e3e-4dbc-497c-95ef-b1b1caa20b2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "5979dfd6-ab21-460e-a318-46de47b10be3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:17.000000Z"}, {"uuid": "0360b122-d40f-46ed-90c5-56080cad6906", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "MISP/63ddead6-4b82-414c-ad8e-c516b950b446", "content": "", "creation_timestamp": "2021-10-25T22:32:42.000000Z"}, {"uuid": "1e83cb1d-727e-4ecf-a4eb-f248388ed053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "MISP/b25d85bb-911f-4fbb-b18f-8ee3c7594b51", "content": "", "creation_timestamp": "2024-11-14T06:09:54.000000Z"}, {"uuid": "8be1c807-c1cc-47de-86c2-7bfa75285c17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22987", "type": "seen", "source": "MISP/f21c889e-658c-482f-b164-0f3f20dfe6c9", "content": "", "creation_timestamp": "2024-11-14T06:08:55.000000Z"}, {"uuid": "64706a0c-a4f2-4373-932c-a099571547b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971087", "content": "", "creation_timestamp": "2024-12-24T20:24:03.703540Z"}, {"uuid": "75c15f65-abff-4f04-88a1-4f1b451df47c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-03)", "content": "", "creation_timestamp": "2025-02-03T00:00:00.000000Z"}, {"uuid": "6f948b78-4632-4b09-8056-2c646a46a998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "a643a41a-f62e-4a09-939d-b751d0f9c3a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-18)", "content": "", "creation_timestamp": "2025-01-18T00:00:00.000000Z"}, {"uuid": "c89195e4-4631-47d3-aad6-c9b3be06cb59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-22)", "content": "", "creation_timestamp": "2024-12-22T00:00:00.000000Z"}, {"uuid": "1a885126-6594-4bd0-81c9-cb922be6bd9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-27)", "content": "", "creation_timestamp": "2024-12-27T00:00:00.000000Z"}, {"uuid": "89da12c6-1803-4fa5-b42a-69155337657b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-13)", "content": "", "creation_timestamp": "2025-01-13T00:00:00.000000Z"}, {"uuid": "b2b9a8f2-d759-488b-b0da-dcb557622eef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-31)", "content": "", "creation_timestamp": "2025-01-31T00:00:00.000000Z"}, {"uuid": "7b474347-10bb-48e5-b7a1-7c115e711ee1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-21)", "content": "", "creation_timestamp": "2024-12-21T00:00:00.000000Z"}, {"uuid": "893fd29a-3044-4eda-9c6e-6c831c8b5459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-23)", "content": "", "creation_timestamp": "2025-03-23T00:00:00.000000Z"}, {"uuid": "aadc91fa-1e6f-4df7-af17-04ae83f49ff2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "26f0dd15-d75d-4bfa-9050-64d0c928c4c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "9c962fc9-ecc0-4038-8f92-f91866ba0278", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:35.000000Z"}, {"uuid": "4fd1021d-9c7c-4d57-baab-29ff179db1e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-04)", "content": "", "creation_timestamp": "2025-03-04T00:00:00.000000Z"}, {"uuid": "76dfb563-1db5-4acd-8a0f-0c1bcd8fdd8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-27)", "content": "", "creation_timestamp": "2025-03-27T00:00:00.000000Z"}, {"uuid": "7337fff0-6ace-41c0-9019-6cd2d90f824b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-22)", "content": "", "creation_timestamp": "2025-03-22T00:00:00.000000Z"}, {"uuid": "5a97c192-ebce-4f93-a4f2-1e63d6bb9d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:53.000000Z"}, {"uuid": "9c5bc96a-9dbf-41b1-9cf5-81f141ae52dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-28)", "content": "", "creation_timestamp": "2025-03-28T00:00:00.000000Z"}, {"uuid": "77ac69aa-f75f-4d6c-b4c1-d3d06a66a005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-01)", "content": "", "creation_timestamp": "2025-07-01T00:00:00.000000Z"}, {"uuid": "daf688e0-963e-4d20-8a71-98c063c56d23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-11)", "content": "", "creation_timestamp": "2025-07-11T00:00:00.000000Z"}, {"uuid": "d2f4c121-e76f-49dc-aa3b-20cb4fa3d757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-11)", "content": "", "creation_timestamp": "2025-06-11T00:00:00.000000Z"}, {"uuid": "c37088bb-e8a2-4115-805e-96eb1a7cb375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-23)", "content": "", "creation_timestamp": "2025-04-23T00:00:00.000000Z"}, {"uuid": "31d4e920-253b-44fb-9b56-fa2b7dedd0f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-12)", "content": "", "creation_timestamp": "2025-07-12T00:00:00.000000Z"}, {"uuid": "8e395d26-2189-48ea-854a-49940c673dd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-13)", "content": "", "creation_timestamp": "2025-07-13T00:00:00.000000Z"}, {"uuid": "928434c5-97c0-4e35-9385-0e81c258ddd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-10)", "content": "", "creation_timestamp": "2025-07-10T00:00:00.000000Z"}, {"uuid": "2145e474-245f-48d9-b77b-1892147370b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-01)", "content": "", "creation_timestamp": "2025-10-01T00:00:00.000000Z"}, {"uuid": "d5c46658-227d-431f-bd66-d66772f643b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-08)", "content": "", "creation_timestamp": "2025-07-08T00:00:00.000000Z"}, {"uuid": "8c5a3978-3f9f-4eb9-b159-497c4aaddb3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-04)", "content": "", "creation_timestamp": "2025-11-04T00:00:00.000000Z"}, {"uuid": "5faf15af-a35d-4a86-bb81-f0107be5a68c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-18)", "content": "", "creation_timestamp": "2025-10-18T00:00:00.000000Z"}, {"uuid": "1b893459-2d90-4161-bc81-7cc4d800f0c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-04)", "content": "", "creation_timestamp": "2025-07-04T00:00:00.000000Z"}, {"uuid": "65fe74bc-655e-4f9d-a937-8078e6c74f53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-16)", "content": "", "creation_timestamp": "2025-07-16T00:00:00.000000Z"}, {"uuid": "112f918d-c052-4dfd-92d7-e2b961f088db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-21)", "content": "", "creation_timestamp": "2025-07-21T00:00:00.000000Z"}, {"uuid": "8eeef878-0fba-4858-a6ca-3bbbcd3e3eb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-27)", "content": "", "creation_timestamp": "2025-10-27T00:00:00.000000Z"}, {"uuid": "e163a854-44b9-4db1-bc58-632008792ca3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-17)", "content": "", "creation_timestamp": "2025-11-17T00:00:00.000000Z"}, {"uuid": "92417f85-a4c6-4aa3-86e2-394e7f719a35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-21)", "content": "", "creation_timestamp": "2025-10-21T00:00:00.000000Z"}, {"uuid": "1dc94427-2e2d-45bb-a5d6-bab49d10c5b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-05)", "content": "", "creation_timestamp": "2025-09-05T00:00:00.000000Z"}, {"uuid": "89d23555-1680-488e-a564-649c1ed23a7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-09)", "content": "", "creation_timestamp": "2025-09-09T00:00:00.000000Z"}, {"uuid": "b2d07eb0-78e7-4cb3-979d-34e093f7ad12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-25)", "content": "", "creation_timestamp": "2025-10-25T00:00:00.000000Z"}, {"uuid": "ba9d7651-54ab-4d0e-bebe-b301fb3b6f51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-29)", "content": "", "creation_timestamp": "2025-10-29T00:00:00.000000Z"}, {"uuid": "78145f62-fd18-4579-b729-5d5a3d2f776d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-06)", "content": "", "creation_timestamp": "2025-10-06T00:00:00.000000Z"}, {"uuid": "34943fbe-2904-4080-977e-9ab718bc5ea6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-13)", "content": "", "creation_timestamp": "2025-10-13T00:00:00.000000Z"}, {"uuid": "48e85b9c-54a4-4e90-ab89-7e3612c2b7a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-29)", "content": "", "creation_timestamp": "2025-07-29T00:00:00.000000Z"}, {"uuid": "83bbcd16-7ab3-41d7-bf38-bdaf520bbbd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-15)", "content": "", "creation_timestamp": "2025-10-15T00:00:00.000000Z"}, {"uuid": "9386c125-8aaf-44c2-87eb-38ae733c656d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-15)", "content": "", "creation_timestamp": "2025-11-15T00:00:00.000000Z"}, {"uuid": "6e80dffb-8299-4e59-8a79-1e5554a2ccf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-05)", "content": "", "creation_timestamp": "2025-08-05T00:00:00.000000Z"}, {"uuid": "f348364d-bda1-41fe-9ae6-dc14fdbd656e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-31)", "content": "", "creation_timestamp": "2025-10-31T00:00:00.000000Z"}, {"uuid": "a80e3fd4-dc30-4890-b6bf-3b70851f3e7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-02)", "content": "", "creation_timestamp": "2025-10-02T00:00:00.000000Z"}, {"uuid": "63c38b46-9167-4897-9a70-b37c614c7f14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-07)", "content": "", "creation_timestamp": "2025-08-07T00:00:00.000000Z"}, {"uuid": "35e2f4e2-120b-40d2-aa1a-9a34b1f4a8aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-03)", "content": "", "creation_timestamp": "2025-11-03T00:00:00.000000Z"}, {"uuid": "c468d320-f20c-40ce-a231-f2ebce4ab0c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-20)", "content": "", "creation_timestamp": "2025-11-20T00:00:00.000000Z"}, {"uuid": "9bd57c3b-128c-4c5c-9694-7e3ca47cd321", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-08)", "content": "", "creation_timestamp": "2025-08-08T00:00:00.000000Z"}, {"uuid": "b1b18c9c-9f10-4f76-ba04-42dff389159f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-06)", "content": "", "creation_timestamp": "2025-09-06T00:00:00.000000Z"}, {"uuid": "02ea3ef3-5f3d-44d6-a306-5bcb332892e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-19)", "content": "", "creation_timestamp": "2025-10-19T00:00:00.000000Z"}, {"uuid": "6a7e76bf-2b44-418d-a2d3-8643b07966ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-08)", "content": "", "creation_timestamp": "2025-10-08T00:00:00.000000Z"}, {"uuid": "1730a76f-a435-4d49-b1d0-9b16581a1768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-23)", "content": "", "creation_timestamp": "2025-10-23T00:00:00.000000Z"}, {"uuid": "41cf471a-c90f-4ffa-acae-a00a772affdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-09)", "content": "", "creation_timestamp": "2025-08-09T00:00:00.000000Z"}, {"uuid": "5ac7a7ff-7aef-412d-ac5a-5b08c61e51f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-10)", "content": "", "creation_timestamp": "2025-08-10T00:00:00.000000Z"}, {"uuid": "da8e1c77-bfb7-4116-b061-3b0341159787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-08)", "content": "", "creation_timestamp": "2025-11-08T00:00:00.000000Z"}, {"uuid": "f56985d3-879f-44d3-8c97-9255c08bfad2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-06)", "content": "", "creation_timestamp": "2025-11-06T00:00:00.000000Z"}, {"uuid": "ecfb0c5a-ca16-432f-845f-7484328a3916", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-12)", "content": "", "creation_timestamp": "2025-11-12T00:00:00.000000Z"}, {"uuid": "bb429f0b-df9d-4a4a-97ba-f1c78be3e68d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-12)", "content": "", "creation_timestamp": "2025-08-12T00:00:00.000000Z"}, {"uuid": "365349ad-1a1b-49e5-ac27-bb5db7f97ea6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-11)", "content": "", "creation_timestamp": "2025-08-11T00:00:00.000000Z"}, {"uuid": "410cd916-744c-4d7d-abcd-8321ad3fdbfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-01)", "content": "", "creation_timestamp": "2025-11-01T00:00:00.000000Z"}, {"uuid": "c328b35f-2e1a-459f-ae4b-0f50f14f3f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-13)", "content": "", "creation_timestamp": "2025-08-13T00:00:00.000000Z"}, {"uuid": "614752a0-2c09-4929-b7ff-b6d1b8ef26cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-14)", "content": "", "creation_timestamp": "2025-09-14T00:00:00.000000Z"}, {"uuid": "f75cf29b-48d5-4109-8bb9-67164510dc59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-07)", "content": "", "creation_timestamp": "2025-09-07T00:00:00.000000Z"}, {"uuid": "82f29643-1977-4094-a20b-57b33db5ecbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-05)", "content": "", "creation_timestamp": "2025-10-05T00:00:00.000000Z"}, {"uuid": "11ff24fe-5511-480c-a0f3-82aee2fa417a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-15)", "content": "", "creation_timestamp": "2025-08-15T00:00:00.000000Z"}, {"uuid": "74131357-e4c0-4478-90e2-73af7a82c46a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-16)", "content": "", "creation_timestamp": "2025-11-16T00:00:00.000000Z"}, {"uuid": "7b5cba56-006f-4e71-8bda-f2de25a386d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-03)", "content": "", "creation_timestamp": "2025-10-03T00:00:00.000000Z"}, {"uuid": "0c1985d1-e688-43cd-a192-327024be99cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-19)", "content": "", "creation_timestamp": "2025-11-19T00:00:00.000000Z"}, {"uuid": "2fe7b90d-5557-4ff3-aa9f-76f9efe83683", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-14)", "content": "", "creation_timestamp": "2025-08-14T00:00:00.000000Z"}, {"uuid": "c6607d11-5d48-4dc9-b84f-a996e630a7ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "ad16897c-de38-4a3f-8d73-c347ea89106a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-20)", "content": "", "creation_timestamp": "2025-10-20T00:00:00.000000Z"}, {"uuid": "d751a40d-e9f1-4df3-a2f1-b23f0ce14002", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-16)", "content": "", "creation_timestamp": "2025-08-16T00:00:00.000000Z"}, {"uuid": "0a30496f-d525-442a-8e4f-2c1c8b14d83c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-26)", "content": "", "creation_timestamp": "2025-10-26T00:00:00.000000Z"}, {"uuid": "aea4b3e4-72c0-4a2f-93cb-846f1e21171c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-13)", "content": "", "creation_timestamp": "2025-11-13T00:00:00.000000Z"}, {"uuid": "07e5ce0e-1b88-4f89-b4df-1d7907660c9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-10)", "content": "", "creation_timestamp": "2025-09-10T00:00:00.000000Z"}, {"uuid": "2813de9f-3967-4eec-b807-10f77cbd666f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-09)", "content": "", "creation_timestamp": "2025-10-09T00:00:00.000000Z"}, {"uuid": "d006231e-08b0-41cf-a780-b2effca2141f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-19)", "content": "", "creation_timestamp": "2025-08-19T00:00:00.000000Z"}, {"uuid": "405b9bff-9873-4164-920c-e90f723c5901", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-16)", "content": "", "creation_timestamp": "2025-10-16T00:00:00.000000Z"}, {"uuid": "4f1047ab-a51d-4887-abcf-562843a14930", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-02)", "content": "", "creation_timestamp": "2025-11-02T00:00:00.000000Z"}, {"uuid": "b6819bbf-4714-42a1-9aef-7183240e97c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-22)", "content": "", "creation_timestamp": "2025-10-22T00:00:00.000000Z"}, {"uuid": "d5ec0da8-2e89-4de2-b5df-250613f580f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-04)", "content": "", "creation_timestamp": "2025-10-04T00:00:00.000000Z"}, {"uuid": "6768f7d1-ea31-47f2-9016-a06100942030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-30)", "content": "", "creation_timestamp": "2025-10-30T00:00:00.000000Z"}, {"uuid": "90900145-924b-4b14-b149-483c753c2ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-11)", "content": "", "creation_timestamp": "2025-10-11T00:00:00.000000Z"}, {"uuid": "4c3a9bab-c2b9-46b6-bf5a-9579720e1b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-28)", "content": "", "creation_timestamp": "2025-10-28T00:00:00.000000Z"}, {"uuid": "53fa1fb9-08dd-4679-a059-b6116246ddcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-07)", "content": "", "creation_timestamp": "2025-10-07T00:00:00.000000Z"}, {"uuid": "7d551fd9-9b0a-49f0-bf70-92c846fe82d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-23)", "content": "", "creation_timestamp": "2025-08-23T00:00:00.000000Z"}, {"uuid": "e2b7a6bd-58fb-48b0-8cdc-fe5c97d70629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-05)", "content": "", "creation_timestamp": "2025-11-05T00:00:00.000000Z"}, {"uuid": "6ab8922b-96fb-4b09-b84c-0c9ad2fb5fdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-08)", "content": "", "creation_timestamp": "2025-09-08T00:00:00.000000Z"}, {"uuid": "eaa3f5ed-5835-42e5-9d76-93c93179af32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-10)", "content": "", "creation_timestamp": "2025-10-10T00:00:00.000000Z"}, {"uuid": "cda084ad-d1bf-449f-8305-b28fea3ad825", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-15)", "content": "", "creation_timestamp": "2025-09-15T00:00:00.000000Z"}, {"uuid": "46fd5998-4b5a-409f-98d1-6bbaad6d1916", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-24)", "content": "", "creation_timestamp": "2025-10-24T00:00:00.000000Z"}, {"uuid": "2223ed08-59dc-4cba-929d-b45aedd950be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/f5_icontrol_rest_ssrf_rce.rb", "content": "", "creation_timestamp": "2021-04-01T13:47:57.000000Z"}, {"uuid": "aa0ce924-dd7b-4392-aea5-265d4653f85b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-18)", "content": "", "creation_timestamp": "2025-11-18T00:00:00.000000Z"}, {"uuid": "5d9ad2ea-d1b6-4fa1-b56b-010dc2a400c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-12)", "content": "", "creation_timestamp": "2025-10-12T00:00:00.000000Z"}, {"uuid": "86cb8049-ea88-47ff-a3ee-9e3b2150449b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-26)", "content": "", "creation_timestamp": "2025-08-26T00:00:00.000000Z"}, {"uuid": "de1497ab-b1d6-43ea-baa1-3059ea834116", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-17)", "content": "", "creation_timestamp": "2025-10-17T00:00:00.000000Z"}, {"uuid": "551017ac-8b94-4478-8fe6-a5f7b3264d3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-14)", "content": "", "creation_timestamp": "2025-11-14T00:00:00.000000Z"}, {"uuid": "000d1f4b-31fb-4c1b-a2d8-d7803a33f480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-27)", "content": "", "creation_timestamp": "2025-08-27T00:00:00.000000Z"}, {"uuid": "3457117b-0176-42b0-9347-b1430dcdd4d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-31)", "content": "", "creation_timestamp": "2025-08-31T00:00:00.000000Z"}, {"uuid": "2488720d-b2db-4e04-a1c0-3f9755dca7f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-28)", "content": "", "creation_timestamp": "2025-08-28T00:00:00.000000Z"}, {"uuid": "2ae420e4-2a4a-4e09-a2e0-de38b2967556", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:55.000000Z"}, {"uuid": "5cc3094d-d06a-4278-9fdf-20c376ac3621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-11)", "content": "", "creation_timestamp": "2025-09-11T00:00:00.000000Z"}, {"uuid": "95fffd33-474a-44b8-971a-0aaceff89d38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://gist.github.com/Darkcrai86/ff743d3261b74c068b9590520a09ec2c", "content": "", "creation_timestamp": "2025-08-30T10:33:43.000000Z"}, {"uuid": "2d6a989b-ae89-4ed5-8e07-c515ba1b1c40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22987", "type": "seen", "source": "https://gist.github.com/Darkcrai86/ff743d3261b74c068b9590520a09ec2c", "content": "", "creation_timestamp": "2025-08-30T10:33:43.000000Z"}, {"uuid": "ad409c6e-f493-46e2-9258-dbbf031fcb65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:41.000000Z"}, {"uuid": "e44fe437-6821-45ad-9ed7-6ab879c1db48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-02)", "content": "", "creation_timestamp": "2025-09-02T00:00:00.000000Z"}, {"uuid": "e5e667c8-82ee-4c1d-9292-e29b49bb3f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-03)", "content": "", "creation_timestamp": "2025-09-03T00:00:00.000000Z"}, {"uuid": "16c0027f-a43b-48a2-b398-c76b5a7d05f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-01)", "content": "", "creation_timestamp": "2025-09-01T00:00:00.000000Z"}, {"uuid": "d45bea54-2406-4316-8911-902cf003cdc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-22)", "content": "", "creation_timestamp": "2026-02-22T00:00:00.000000Z"}, {"uuid": "72b8e942-435a-4a41-93c8-32a100e28ffc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-04)", "content": "", "creation_timestamp": "2025-09-04T00:00:00.000000Z"}, {"uuid": "a043a5f7-75be-4d5b-a42a-1f7c4da051b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-07)", "content": "", "creation_timestamp": "2026-02-07T00:00:00.000000Z"}, {"uuid": "1eb23299-eef2-4edc-96fc-cd12303e2035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-06)", "content": "", "creation_timestamp": "2026-02-06T00:00:00.000000Z"}, {"uuid": "566ed38f-bfa6-4e21-8b17-541ea26a927a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-16)", "content": "", "creation_timestamp": "2025-12-16T00:00:00.000000Z"}, {"uuid": "65719f30-e42b-4ced-9114-1fb92721413e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-08)", "content": "", "creation_timestamp": "2026-02-08T00:00:00.000000Z"}, {"uuid": "af2aed31-5085-4536-9d95-1414302cf16f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-25)", "content": "", "creation_timestamp": "2026-03-25T00:00:00.000000Z"}, {"uuid": "f96cf6bd-6d3d-4b50-bbab-3c03e632ba28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-17)", "content": "", "creation_timestamp": "2026-03-17T00:00:00.000000Z"}, {"uuid": "4e38facc-77e7-436b-96c3-62bedc576266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-08)", "content": "", "creation_timestamp": "2026-03-08T00:00:00.000000Z"}, {"uuid": "3d798e47-56cc-4b45-ac68-530c27725806", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-19)", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "301c7f86-5ee9-4ba1-abb5-79602581a1c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-26)", "content": "", "creation_timestamp": "2026-03-26T00:00:00.000000Z"}, {"uuid": "6bf23e4c-722c-4df0-8789-5571044f0a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "e461713d-1628-4c35-ba73-c067cacf5b7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-12)", "content": "", "creation_timestamp": "2026-03-12T00:00:00.000000Z"}, {"uuid": "e62dd04c-d5d9-4fa3-b3da-6677da1bd3b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-28)", "content": "", "creation_timestamp": "2026-03-28T00:00:00.000000Z"}, {"uuid": "944a199b-cce5-4a88-9f69-f4e2fa4e81d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-18)", "content": "", "creation_timestamp": "2026-03-18T00:00:00.000000Z"}, {"uuid": "035408f3-94ad-4606-bf5a-279772348f1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-14)", "content": "", "creation_timestamp": "2026-03-14T00:00:00.000000Z"}, {"uuid": "3d409192-f48b-4681-afe9-2842c27bd285", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-16)", "content": "", "creation_timestamp": "2026-03-16T00:00:00.000000Z"}, {"uuid": "aa6611e4-dd91-4095-ad1e-8926db91ff81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-26)", "content": "", "creation_timestamp": "2026-03-26T00:00:00.000000Z"}, {"uuid": "45e15c74-7952-4df2-9b00-d6f25ceceadb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-23)", "content": "", "creation_timestamp": "2026-03-23T00:00:00.000000Z"}, {"uuid": "65b11d07-67ff-40bd-b7b0-022b6503213f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-13)", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "4c5f4f20-a101-4789-b742-908767af4061", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-16)", "content": "", "creation_timestamp": "2026-01-16T00:00:00.000000Z"}, {"uuid": "21b4e33a-f56e-49b3-9001-ad7d12bd7702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-24)", "content": "", "creation_timestamp": "2026-03-24T00:00:00.000000Z"}, {"uuid": "b94c217c-6008-4a2c-89ac-57320f4e9295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-11)", "content": "", "creation_timestamp": "2026-03-11T00:00:00.000000Z"}, {"uuid": "1d24c3ca-7522-41cc-a451-080164db11d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_10/21", "content": "", "creation_timestamp": "2021-03-11T10:08:20.000000Z"}, {"uuid": "903e0d70-da33-4f5f-a315-32762e1d827d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-22987", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_10/21", "content": "", "creation_timestamp": "2021-03-11T10:08:20.000000Z"}, {"uuid": "c226dd40-f52e-47ee-ad3b-0a0accc425c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=561", "content": "", "creation_timestamp": "2021-03-12T04:00:00.000000Z"}, {"uuid": "6c97d042-7ef8-4204-8c79-adf604552451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-22987", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=561", "content": "", "creation_timestamp": "2021-03-12T04:00:00.000000Z"}, {"uuid": "5f8fcbdf-f9b5-43c4-af19-7e9c41e9c9b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-27)", "content": "", "creation_timestamp": "2026-03-27T00:00:00.000000Z"}, {"uuid": "5e70fe92-05dc-4d8c-bcaf-191985b884c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-15)", "content": "", "creation_timestamp": "2026-03-15T00:00:00.000000Z"}, {"uuid": "b5515bf4-9c64-41ad-ae58-7de9721af200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-17)", "content": "", "creation_timestamp": "2026-01-17T00:00:00.000000Z"}, {"uuid": "960dd8d6-be19-4094-a634-a8bd273ff419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-20)", "content": "", "creation_timestamp": "2026-03-20T00:00:00.000000Z"}, {"uuid": "250c1c63-fafe-4398-afe9-dc6a0a3dc172", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/352bf46a-cf99-4064-b345-0f6324c9ad58", "content": "", "creation_timestamp": "2026-02-02T12:28:43.770963Z"}, {"uuid": "c83ed87a-8e43-47df-afd1-2048b1352868", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-23)", "content": "", "creation_timestamp": "2026-01-23T00:00:00.000000Z"}, {"uuid": "b101e931-c535-480d-a1a0-7be7fa12a17c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-21)", "content": "", "creation_timestamp": "2026-01-21T00:00:00.000000Z"}, {"uuid": "3dbec351-5968-443e-af2a-8711b66b0196", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-22)", "content": "", "creation_timestamp": "2026-01-22T00:00:00.000000Z"}, {"uuid": "0106f2dd-b312-43cb-bc4b-938b87eb3640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-21)", "content": "", "creation_timestamp": "2026-03-21T00:00:00.000000Z"}, {"uuid": "8e3c290a-8db5-4c85-aa88-4754395f24eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-29)", "content": "", "creation_timestamp": "2026-03-29T00:00:00.000000Z"}, {"uuid": "f25d744a-7090-4e1c-bef4-002814eb3780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://t.me/cKure/4425", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Security Advisory Regarding F5 Vulnerabilities. The advisory acknowledges over 21 vulnerabilities in total: four critical, seven high, and ten medium CVEs in total.\u00a0\n\niControl REST unauthenticated remote command execution vulnerability CVE-2021-22986\n\n\nhttps://support.f5.com/csp/article/K03009991 #0day #Zeroday", "creation_timestamp": "2021-03-19T23:50:52.000000Z"}, {"uuid": "45528e99-4551-4718-8b10-62d01f8529b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-31)", "content": "", "creation_timestamp": "2026-03-31T00:00:00.000000Z"}, {"uuid": "c59e95f4-879e-478b-8cb2-4352bc1c6b90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-02)", "content": "", "creation_timestamp": "2026-04-02T00:00:00.000000Z"}, {"uuid": "b07de8b2-4633-41a8-b195-db0e7fa6957b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-04)", "content": "", "creation_timestamp": "2026-04-04T00:00:00.000000Z"}, {"uuid": "46e59d5a-99e6-49e5-ac5b-48646f82a51e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-05)", "content": "", "creation_timestamp": "2026-04-05T00:00:00.000000Z"}, {"uuid": "04d6d1d3-17c5-4642-a8d5-ad06f597f12b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-30)", "content": "", "creation_timestamp": "2026-03-30T00:00:00.000000Z"}, {"uuid": "624afca1-696b-4ae0-b9f5-b0507bbc8292", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-01)", "content": "", "creation_timestamp": "2026-04-01T00:00:00.000000Z"}, {"uuid": "5a3c15a2-85c7-4e7e-912b-6bfb134f9516", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-05)", "content": "", "creation_timestamp": "2026-04-05T00:00:00.000000Z"}, {"uuid": "465e677f-5dd0-4a42-97f2-97c253eb6518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-06)", "content": "", "creation_timestamp": "2026-04-06T00:00:00.000000Z"}, {"uuid": "d4e3ad6c-802a-47ce-b209-d5e0ed4e3c0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-07)", "content": "", "creation_timestamp": "2026-04-07T00:00:00.000000Z"}, {"uuid": "8467c28d-1dec-40ac-b21f-17d5284f415f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/cKure/4260", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 F5 #Zeroday:\n\nApplication security company F5 Networks on Wednesday published an\u00a0advisory\u00a0warning of four critical vulnerabilities impacting multiple products that could result in a denial of service (DoS) attack and even unauthenticated remote code execution on target networks. The patches concern a total of seven related flaws (from CVE-2021-22986 through CVE-2021-22992),\u00a0two\u00a0of\u00a0which\u00a0were discovered and reported by Felix Wilhelm of Google Project Zero in December 2020. \n\nhttps://thehackernews.com/2021/03/critical-pre-auth-rce-flaw-found-in-f5.html #0day", "creation_timestamp": "2021-03-11T07:19:05.000000Z"}, {"uuid": "c208092d-77a5-4756-9d4d-948723760a37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://t.me/cKure/4434", "content": "\u25a0\u25a1\u25a1\u25a1\u25a1 Pre-Auth RCE Flaw Found in F5 Big-IP Platform (CVE-2021-22986). There are over 61,000 domains, and 194,000 IP addresses were detected by Spyse scanners. All of them potentially vulnerable. Spyse search query: https://spyse.com/target/technology/F5%20BigIP", "creation_timestamp": "2021-03-20T07:57:30.000000Z"}, {"uuid": "17d52eb8-bf81-4934-8880-422bbae48467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/cKure/4430", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2021-22986: Execute arbitrary system commands create or delete files disable services.\n\nPoC #1\ncurl -su admin: -H \"Content-Type: application/json\" http://[victimIP]/mgmt/tm/util/bash -d '{\"command\":\"run\",\"utilCmdArgs\":\"-c id\"}'\n\nPoC #2\ncurl -ks https://[victimIP]/mgmt/shared/authn/login -d '{\"bigipAuthCookie\":\"\",\"loginReference\":{\"link\":\"http://localhost/mgmt/tm/access/bundle-install-tasks\"},\"filePath\":\"id\"}'\n\nPoC #3\ncurl -ksu admin:[redacted] https://[vimtimIP]/mgmt/tm/access/bundle-install-tasks -d '{\"filePath\":\"id\"}'", "creation_timestamp": "2021-03-20T07:52:22.000000Z"}, {"uuid": "0dc2e943-20b2-45d1-83bc-bfaeba863773", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/cKure/4429", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2021-22986: iControl REST unauthenticated RCE.\n\nhttps://attackerkb.com/topics/J6pWeg5saG/k03009991-icontrol-rest-unauthenticated-remote-command-execution-vulnerability-cve-2021-22986", "creation_timestamp": "2021-03-20T07:46:12.000000Z"}, {"uuid": "bfbbd08f-b78d-43e1-bb7c-e60eb4d75cfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-08)", "content": "", "creation_timestamp": "2026-04-08T00:00:00.000000Z"}, {"uuid": "761c9ce9-9a0b-497d-8df7-30268fbe4249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/cKure/4426", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2021-22986: iControl REST unauthenticated remote command execution vulnerability.\n\nhttps://research.nccgroup.com/2021/03/18/rift-detection-capabilities-for-recent-f5-big-ip-big-iq-icontrol-rest-api-vulnerabilities-cve-2021-22986/", "creation_timestamp": "2021-03-19T23:59:17.000000Z"}, {"uuid": "5c82dc8e-d133-4d20-87d1-72e4452d8deb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "https://t.me/cKure/4437", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 Critical F5 BIG-IP Flaw Now Under Active Attack. CVE-2021-22986\n\nResearchers are reporting mass scanning for \u2013 and in-the-wild exploitation of \u2013 a critical-severity flaw in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure.", "creation_timestamp": "2021-03-20T09:27:06.000000Z"}, {"uuid": "89e2f6b5-cc76-440a-b9e6-254b804aad6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-09)", "content": "", "creation_timestamp": "2026-04-09T00:00:00.000000Z"}, {"uuid": "766e2afe-7448-4a01-8d06-fdd26af6f779", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-11)", "content": "", "creation_timestamp": "2026-04-11T00:00:00.000000Z"}, {"uuid": "0ddca3d4-1848-4417-9cf4-7de5000a7d9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "e720120f-3bf1-470c-9e07-620d89cf06db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-19)", "content": "", "creation_timestamp": "2026-04-19T00:00:00.000000Z"}, {"uuid": "2251dbd9-4e35-45ed-8498-e28d66380c14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-12)", "content": "", "creation_timestamp": "2026-04-12T00:00:00.000000Z"}, {"uuid": "18931160-eb79-4f97-9c6a-fdd37b20fe5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-13)", "content": "", "creation_timestamp": "2026-04-13T00:00:00.000000Z"}, {"uuid": "9ce042d7-bd41-46d1-90db-c7d29c375be6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-14)", "content": "", "creation_timestamp": "2026-04-14T00:00:00.000000Z"}, {"uuid": "22822732-e38d-4df6-89dc-2a4daf6857cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-16)", "content": "", "creation_timestamp": "2026-04-16T00:00:00.000000Z"}, {"uuid": "8749c7c2-ec71-4d35-ad71-fe2faf83955f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-15)", "content": "", "creation_timestamp": "2026-04-15T00:00:00.000000Z"}, {"uuid": "1f265392-41fa-4a8a-b1df-fecc378f5024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-17)", "content": "", "creation_timestamp": "2026-04-17T00:00:00.000000Z"}, {"uuid": "d4608fe1-bde8-4b7d-bebe-8896202bbf8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-22)", "content": "", "creation_timestamp": "2026-04-22T00:00:00.000000Z"}, {"uuid": "406bdabf-90cc-449f-9826-f510cda948f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-18)", "content": "", "creation_timestamp": "2026-04-18T00:00:00.000000Z"}, {"uuid": "6a996e86-765b-461b-96f7-81d752d52a8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-20)", "content": "", "creation_timestamp": "2026-04-20T00:00:00.000000Z"}, {"uuid": "90c6966a-b3cd-4ffd-8b8f-f20c9aadc668", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-21)", "content": "", "creation_timestamp": "2026-04-21T00:00:00.000000Z"}, {"uuid": "2cdf70cc-9d0a-4a59-8742-d2b6ce725ace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "Telegram/39dVApFnE9v5_QB_8bvAlz42tzWjOl-_5WIkJV_52rahre4", "content": "", "creation_timestamp": "2026-04-11T03:00:05.000000Z"}, {"uuid": "c2c702c2-c487-49cf-a403-5023d91df1b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-23)", "content": "", "creation_timestamp": "2026-04-23T00:00:00.000000Z"}, {"uuid": "49eb0104-d2a7-4e8e-b37e-f879ff3b0853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-24)", "content": "", "creation_timestamp": "2026-04-24T00:00:00.000000Z"}, {"uuid": "bf7add24-bcd1-4487-a9c8-5ed0232e587d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2308", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC\u96c6\u5408\nURL\uff1ahttps://github.com/west9b/F5-BIG-IP-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-28T14:29:21.000000Z"}, {"uuid": "279f2b82-c52c-444f-8979-1836af2a7713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-26)", "content": "", "creation_timestamp": "2026-04-26T00:00:00.000000Z"}, {"uuid": "eb05bcf3-3689-4754-b327-606a7c159111", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-27)", "content": "", "creation_timestamp": "2026-04-27T00:00:00.000000Z"}, {"uuid": "9538b6f2-f6c6-4b5b-b9ac-ea3fbd7b8de3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/antichat/9379", "content": "Nice write-up of CVE-2021-22986 (F5 iControl REST) from wvu\n\nhttps://attackerkb.com/topics/J6pWeg5saG/k03009991-icontrol-rest-unauthenticated-remote-command-execution-vulnerability-cve-2021-22986", "creation_timestamp": "2021-03-17T12:40:54.000000Z"}, {"uuid": "4353d7b8-ad1c-4263-b041-0a1e098574ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://t.me/eXCe_Fixxed/109130", "content": "# DD0S CVE List by Layer 3/4/7\n\n##  Layer 3 (Network) - ICMP, IP, NDP\n\n# 2020\n- CVE-2020-16898  > Windows TCP/IP \"Bad Neighbor\" - ICMPv6 ping of death (DoS via BSOD)\n\n##  Layer 4 (Transport) - TCP, UDP\n\n# 2013\n- CVE-2013-5211  > NTP Amplification Attack via 'monlist' (UDP-based)\n\n# 2016\n- CVE-2016-9244  > Cisco VPN IKEv1 flood (UDP port 500 DoS)\n\n# 2018\n- CVE-2018-1000115  > Memcached UDP Amplification (reflection attack)\n\n# 2018\n- CVE-2018-0171  > Cisco Smart Install DoS (TCP port 4786)\n\n##  Layer 7 (Application) - HTTP, NTP, Memcached, API\n\n# 2021\n- CVE-2021-22986  > F5 BIG-IP iControl REST unauth DoS/RCE (API abuse)\n\n# 2023\n- CVE-2023-44487  > HTTP/2 Rapid Reset Attack - stream reset flooding\n\n# 2024\n- CVE-2024-29269  > Telesquare LTE Router Cmd Injection (dapat digunakan untuk DoS chaining) {New Cve Bug}", "creation_timestamp": "2025-08-03T06:11:01.000000Z"}, {"uuid": "035c0d63-1bc0-4444-9dd3-d626f113e56b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "d5507729-261c-4c08-aa80-f98a3de0231b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-28)", "content": "", "creation_timestamp": "2026-04-28T00:00:00.000000Z"}, {"uuid": "f353208c-f124-4844-b390-1d2bbb9a06da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://t.me/eXCe_Fixxed/502", "content": "# DD0S CVE List by Layer 3/4/7\n\n##  Layer 3 (Network) - ICMP, IP, NDP\n\n# 2020\n- CVE-2020-16898  > Windows TCP/IP \"Bad Neighbor\" - ICMPv6 ping of death (DoS via BSOD)\n\n##  Layer 4 (Transport) - TCP, UDP\n\n# 2013\n- CVE-2013-5211  > NTP Amplification Attack via 'monlist' (UDP-based)\n\n# 2016\n- CVE-2016-9244  > Cisco VPN IKEv1 flood (UDP port 500 DoS)\n\n# 2018\n- CVE-2018-1000115  > Memcached UDP Amplification (reflection attack)\n\n# 2018\n- CVE-2018-0171  > Cisco Smart Install DoS (TCP port 4786)\n\n##  Layer 7 (Application) - HTTP, NTP, Memcached, API\n\n# 2021\n- CVE-2021-22986  > F5 BIG-IP iControl REST unauth DoS/RCE (API abuse)\n\n# 2023\n- CVE-2023-44487  > HTTP/2 Rapid Reset Attack - stream reset flooding\n\n# 2024\n- CVE-2024-29269  > Telesquare LTE Router Cmd Injection (dapat digunakan untuk DoS chaining) {New Cve Bug}", "creation_timestamp": "2025-08-03T06:11:01.000000Z"}, {"uuid": "025c6e45-fa41-4205-8ebd-f106f77d1d78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1576", "content": "CVE-2021-22986\nF5 BIG-IP/BIG-IQ iControl Rest API SSRF to RCE\n\nexploit:\npython CVE-2021-22986.py <127.0.0.1:443>\n\nhttps://github.com/Udyz/CVE-2021-22986-SSRF2RCE\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-05-18T19:02:12.000000Z"}, {"uuid": "c38e5790-5a85-46fd-8f39-22ce75c66f9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/infobes/295", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 8 - 14)\nCVE-2021-26855, CVE-2021-27065 - ProxyLogon MS Exchange Server RCE Vulnerability\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-22986, CVE-2021-22987 - F5 BIG-IP TMM uri_normalize_host infoleak and out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-21193 - Google Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-21978 - VMware View Planner\u00a0RCE\nhttps://mobile.twitter.com/osama_hroot/status/1367258907601698816\nhttps://paper.seebug.org/1495\nCVE-2021-21300 - Git vulnerability\nhttps://t.me/cybersecuritytechnologies/2880\nCVE-2021-26411 - IE mshtml use-after-free\nhttps://t.me/cybersecuritytechnologies/2908", "creation_timestamp": "2021-03-15T04:50:46.000000Z"}, {"uuid": "ab28976b-5360-4e43-8b75-ae8ea6b89e46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22987", "type": "exploited", "source": "https://t.me/infobes/301", "content": "CVE-2021-26855/27065 - ProxyLogon MS Exchange Server RCE Vulnerability\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-22986 - F5 BIG-IP TMM uri_normalize_host infoleak and out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-27076 - A Replay-style Deserialization Attack Against SharePoint\nhttps://t.me/cybersecuritytechnologies/2930\nCVE-2021-21193 - Google Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-22987 - F5 BIG-IP TMM uri_normalize_host infoleak and out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-21193:\nGoogle Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-27076:\nReplay Deserialization Attack Against SharePoint\nhttps://t.me/cybersecuritytechnologies/2930\nCVE-2021-27889, CVE-2021-27890:\nMyBB RCE Chain\nhttps://blog.sonarsource.com/mybb-remote-code-execution-chain", "creation_timestamp": "2021-03-22T10:14:45.000000Z"}, {"uuid": "fab8d532-e617-4587-a655-9b040e11fa40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/infobes/305", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 22-28)\nCVE-2021-26855 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-22986/22987 - F5 BIG-IP TMM uri_normalize_host infoleak/out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-3449/3450 - OpenSSL DoS/certificate validation\nhttps://t.me/cybersecuritytechnologies/2993\nhttps://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html?m=1#click=https://t.co/z6FHjamuUy\nCVE-2021-26295 - Apache OFBiz unsafe deserialization\nhttps://t.me/cybersecuritytechnologies/2978\nCVE-2020-14179 - JIRA Information Disclosure\nhttps://t.me/cybersecuritytechnologies/2581\nCVE-2020-17453 - XSS In WSO2 Carbon Mgmnt Console\nhttps://t.me/cybersecuritytechnologies/3006\nCVE-2021-21087 - Adobe ColdFusion RCE\nhttps://www.bleepingcomputer.com/news/security/critical-code-execution-vulnerability-fixed-in-adobe-coldfusion", "creation_timestamp": "2021-03-29T03:08:41.000000Z"}, {"uuid": "56c74c21-09dc-4969-93f1-baeb9d17e0fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22987", "type": "published-proof-of-concept", "source": "https://t.me/infobes/295", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 8 - 14)\nCVE-2021-26855, CVE-2021-27065 - ProxyLogon MS Exchange Server RCE Vulnerability\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-22986, CVE-2021-22987 - F5 BIG-IP TMM uri_normalize_host infoleak and out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-21193 - Google Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-21978 - VMware View Planner\u00a0RCE\nhttps://mobile.twitter.com/osama_hroot/status/1367258907601698816\nhttps://paper.seebug.org/1495\nCVE-2021-21300 - Git vulnerability\nhttps://t.me/cybersecuritytechnologies/2880\nCVE-2021-26411 - IE mshtml use-after-free\nhttps://t.me/cybersecuritytechnologies/2908", "creation_timestamp": "2021-03-15T04:50:46.000000Z"}, {"uuid": "eebbb91a-f597-49f8-8e95-abcc34e0843a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "https://t.me/infobes/301", "content": "CVE-2021-26855/27065 - ProxyLogon MS Exchange Server RCE Vulnerability\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-22986 - F5 BIG-IP TMM uri_normalize_host infoleak and out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-27076 - A Replay-style Deserialization Attack Against SharePoint\nhttps://t.me/cybersecuritytechnologies/2930\nCVE-2021-21193 - Google Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-22987 - F5 BIG-IP TMM uri_normalize_host infoleak and out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-21193:\nGoogle Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-27076:\nReplay Deserialization Attack Against SharePoint\nhttps://t.me/cybersecuritytechnologies/2930\nCVE-2021-27889, CVE-2021-27890:\nMyBB RCE Chain\nhttps://blog.sonarsource.com/mybb-remote-code-execution-chain", "creation_timestamp": "2021-03-22T10:14:45.000000Z"}, {"uuid": "9967c30f-d517-40b2-bffb-97089919f333", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/12", "content": "Nice write-up of CVE-2021-22986 (F5 iControl REST) from wvu\n\nhttps://attackerkb.com/topics/J6pWeg5saG/k03009991-icontrol-rest-unauthenticated-remote-command-execution-vulnerability-cve-2021-22986", "creation_timestamp": "2021-03-17T08:35:01.000000Z"}, {"uuid": "91763aa3-7320-4863-8b95-3ab806444c5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "https://t.me/ctinow/30625", "content": "Threat actors are attempting to exploit CVE-2021-22986 in F5 BIG-IP devices in the wild\n\nhttps://ift.tt/2Qnw30N", "creation_timestamp": "2021-03-19T22:47:11.000000Z"}, {"uuid": "c239a9fd-acb6-48ca-8716-dee36c2a29d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "https://t.me/alexmakus/3976", "content": "\u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f F5, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u043c \u0438 \u0438\u0441\u0445\u043e\u0434\u044f\u0449\u0438\u043c \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c \u0432 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u0441\u0435\u0442\u044f\u0445, \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0430\u043f\u0434\u0435\u0439\u0442, \u0435\u0451 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0439\n\nhttps://support.f5.com/csp/article/K02566623\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u044d\u0442\u043e\u0433\u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e, \u0438 \u0432\u043e\u0442 \u0443\u0436\u0435 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 \u043f\u0438\u0448\u0443\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0432 \u0441\u0435\u0442\u0438 \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 - \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445\n\nhttps://twitter.com/buffaloverflow/status/1372861157317435394?s=21\n\n\u041c\u0430\u043b\u043e \u0431\u044b\u043b\u043e Exchange, \u0442\u0435\u043f\u0435\u0440\u044c \u0435\u0449\u0451 \u044d\u0442\u043e\n\nhttps://research.nccgroup.com/2021/03/18/rift-detection-capabilities-for-recent-f5-big-ip-big-iq-icontrol-rest-api-vulnerabilities-cve-2021-22986/", "creation_timestamp": "2021-03-22T08:21:02.000000Z"}, {"uuid": "68455e6f-3e7a-4a4c-aece-4df5099b44c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/1043", "content": "\ud83d\udd30\ud83e\ude78 F5 BIG-IP RCE (CVE-2021-22986)\n\n\n \u24c2 \u062a\u062a\u064a\u062d \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0627\u0644\u0645\u0643\u062a\u0634\u0641\u0629 \u0645\u0624\u062e\u0631\u064b\u0627 \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u063a\u064a\u0631 \u0627\u0644\u0645\u0635\u0627\u062f\u0642\u064a\u0646 \u0627\u0644\u0630\u064a\u0646 \u0644\u062f\u064a\u0647\u0645 \u0625\u0645\u0643\u0627\u0646\u064a\u0629 \u0627\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0627\u0644\u0634\u0628\u0643\u0629 \u0625\u0644\u0649 \u0648\u0627\u062c\u0647\u0629 iControl REST \u0645\u0646 \u062e\u0644\u0627\u0644 \u0648\u0627\u062c\u0647\u0629 \u0625\u062f\u0627\u0631\u0629 BIG-IP \u062a\u0646\u0641\u064a\u0630 \u0623\u0648\u0627\u0645\u0631 \u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u062a\u0639\u0633\u0641\u064a\u0629 \u0648\u0625\u0646\u0634\u0627\u0621 \u0627\u0644\u0645\u0644\u0641\u0627\u062a \u0623\u0648 \u062d\u0630\u0641\u0647\u0627 \u0648\u062a\u0639\u0637\u064a\u0644 \u0627\u0644\u062e\u062f\u0645\u0627\u062a.\n\n \u064a\u0645\u0643\u0646 \u0623\u0646 \u062a\u0624\u062f\u064a \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0625\u0644\u0649 \u0627\u062e\u062a\u0631\u0627\u0642 \u0643\u0627\u0645\u0644 \u0644\u0644\u0646\u0638\u0627\u0645.  \u0646\u0638\u0627\u0645 BIG-IP \u0641\u064a \u0648\u0636\u0639 \u0627\u0644\u0623\u062c\u0647\u0632\u0629 \u0645\u0639\u0631\u0636 \u0644\u0644\u062e\u0637\u0631 \u0623\u064a\u0636\u064b\u0627.\n\n\n \ud83d\udc89 \u0628\u064a \u0623\u0648 \u0633\u064a\n\n \u062d\u0644\u064a\u0642\u0629 -su \u0627\u0644\u0645\u0634\u0631\u0641: -H \"\u0646\u0648\u0639 \u0627\u0644\u0645\u062d\u062a\u0648\u0649: application/json\" http://[victimIP]/mgmt/tm/util/bash -d '{\"command\": \"run\"\u060c \"utilCmdArgs\": \"-c  \u0628\u0637\u0627\u0642\u0629 \u062a\u0639\u0631\u064a\u0641\"}'\n\n\n \ud83d\udd0e \u0634\u0648\u062f\u0627\u0646:\n http.title:\"BIG-IP\"\n\n \ud83d\udd0e \u0641\u0648\u0641\u0627:\n \u0627\u0644\u062a\u0637\u0628\u064a\u0642 = \"F5-\u0628\u064a\u062c\u064a\u0628\"", "creation_timestamp": "2024-03-29T18:27:13.000000Z"}, {"uuid": "fe10d5e1-803d-4812-b908-e2edf7667665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "Telegram/mqNICT3vYwzcAC4r9Tfk0Mzci_uEN916ab7VLX6-xttl9Q", "content": "", "creation_timestamp": "2023-11-22T10:46:57.000000Z"}, {"uuid": "5b638062-e81a-40f6-85fc-1a7876d1f448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/11", "content": "CVE-2021-22986 F5 BIG-IP iControl RCE\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-22986_F5_BIG-IP_iControl_RCE%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T06:42:55.000000Z"}, {"uuid": "b489a881-f578-4736-8a76-ac2cb9841ee8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "Telegram/7YlQ0tcKhawUuq27XcUCeJK2MrqgQiPg8fXdMyJ9L6pzrrna", "content": "", "creation_timestamp": "2025-01-30T02:17:48.000000Z"}, {"uuid": "5e657c62-cf17-49f7-b451-da6a2e8ee5e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "Telegram/l4SX0qh_U06RJ4fTj6g-Xt-ri88LJ4geHlPZZORXMtv3qR25lA", "content": "", "creation_timestamp": "2025-04-25T03:05:23.000000Z"}, {"uuid": "519bad63-527e-47e7-b6f1-2fd3722cc346", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-30)", "content": "", "creation_timestamp": "2026-04-30T00:00:00.000000Z"}, {"uuid": "0a2995c6-0afa-42ff-a468-0fa7f21d2332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-29)", "content": "", "creation_timestamp": "2026-04-29T00:00:00.000000Z"}, {"uuid": "4fcdbea3-406b-444f-ba7a-800463098ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-01)", "content": "", "creation_timestamp": "2026-05-01T00:00:00.000000Z"}, {"uuid": "b6fe91ce-f26b-4dec-af3d-dc3f558e6119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22984", "type": "seen", "source": "https://t.me/cibsecurity/23565", "content": "\u203c CVE-2021-22984 \u203c\n\nOn BIG-IP Advanced WAF and ASM version 15.1.x before 15.1.0.2, 15.0.x before 15.0.1.4, 14.1.x before 14.1.2.5, 13.1.x before 13.1.3.4, 12.1.x before 12.1.5.2, and 11.6.x before 11.6.5.2, when receiving a unauthenticated client request with a maliciously crafted URI, a BIG-IP Advanced WAF or ASM virtual server configured with a DoS profile with Proactive Bot Defense (versions prior to 14.1.0), or a Bot Defense profile (versions 14.1.0 and later), may subject clients and web servers to Open Redirection attacks. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-12T22:43:46.000000Z"}, {"uuid": "d97a31e4-f396-4d35-a866-f80017ec46b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22981", "type": "seen", "source": "https://t.me/cibsecurity/23556", "content": "\u203c CVE-2021-22981 \u203c\n\nOn all versions of BIG-IP 12.1.x and 11.6.x, the original TLS protocol includes a weakness in the master secret negotiation that is mitigated by the Extended Master Secret (EMS) extension defined in RFC 7627. TLS connections that do not use EMS are vulnerable to man-in-the-middle attacks during renegotiation. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-12T20:43:53.000000Z"}, {"uuid": "196ef586-f055-4eb8-9873-3d8c4f46675e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22980", "type": "seen", "source": "https://t.me/cibsecurity/23555", "content": "\u203c CVE-2021-22980 \u203c\n\nIn Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1.8.5, an untrusted search path vulnerability in the BIG-IP APM Client Troubleshooting Utility (CTU) for Windows could allow an attacker to load a malicious DLL library from its current directory. User interaction is required to exploit this vulnerability in that the victim must run this utility on the Windows system. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-12T20:43:52.000000Z"}, {"uuid": "44ba0ddb-84d0-41d5-ad10-d4264f2f09af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22982", "type": "seen", "source": "https://t.me/cibsecurity/23550", "content": "\u203c CVE-2021-22982 \u203c\n\nOn BIG-IP DNS and GTM version 13.1.x before 13.1.0.4, and all versions of 12.1.x and 11.6.x, big3d does not securely handle and parse certain payloads resulting in a buffer overflow. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-12T20:43:47.000000Z"}, {"uuid": "35ff31c2-ce7f-4127-b402-4816b2ffa37f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22985", "type": "seen", "source": "https://t.me/cibsecurity/23547", "content": "\u203c CVE-2021-22985 \u203c\n\nOn BIG-IP APM version 16.0.x before 16.0.1.1, under certain conditions, when processing VPN traffic with APM, TMM consumes excessive memory. A malicious, authenticated VPN user may abuse this to perform a DoS attack against the APM. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-12T20:43:45.000000Z"}, {"uuid": "f2e86f36-8547-4902-9430-ff761ee91cff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22983", "type": "seen", "source": "https://t.me/cibsecurity/23560", "content": "\u203c CVE-2021-22983 \u203c\n\nOn BIG-IP AFM version 15.1.x before 15.1.1, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.5, authenticated users accessing the Configuration utility for AFM are vulnerable to a cross-site scripting attack if they attempt to access a maliciously-crafted URL. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-12T20:44:00.000000Z"}, {"uuid": "a0abbf30-0f6e-42fa-bc9a-260f48f999cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2955", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 15 - 21)\nCVE-2021-26855/27065 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-22986/22987 - F5 BIG-IP TMM uri_normalize_host infoleak and out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-27076 - A Replay-style Deserialization Attack Against SharePoint\nhttps://t.me/cybersecuritytechnologies/2930\nCVE-2021-21193 - Google Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-21193:\nGoogle Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-27076:\nReplay Deserialization Attack Against SharePoint\nhttps://t.me/cybersecuritytechnologies/2930\nCVE-2021-27889, CVE-2021-27890:\nMyBB RCE Chain\nhttps://blog.sonarsource.com/mybb-remote-code-execution-chain", "creation_timestamp": "2021-03-29T05:54:18.000000Z"}, {"uuid": "9cb047c1-6a01-483e-8b5c-55e2b893599f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-02)", "content": "", "creation_timestamp": "2026-05-02T00:00:00.000000Z"}, {"uuid": "cc2ecc44-26bc-4fe6-bd56-f9b02f6ce818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://t.me/thehackernews/1085", "content": "A critical pre-auth RCE flaw (CVE-2021-22986) has been discovered in the F5's Big-IP and BIG-IQ software \u2014 Patch ASAP!\n\nRead details: https://thehackernews.com/2021/03/critical-pre-auth-rce-flaw-found-in-f5.html\nBesides this, a few other newly reported flaws also result in a denial of service (DoS) attack.", "creation_timestamp": "2021-03-11T07:06:06.000000Z"}, {"uuid": "4050308e-b9bc-4eab-b8ce-1b21f3c90446", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "https://t.me/thehackernews/1103", "content": "A critical vulnerability (CVE-2021-22986 / CVSS score: 9.8) affecting F5's BIG-IP and BIG-IQ products is UNDER ACTIVE ATTACKS after a PoC exploit was posted online.\n\nRead details: https://thehackernews.com/2021/03/latest-f5-big-ip-bug-under-active.html", "creation_timestamp": "2021-03-20T17:05:45.000000Z"}, {"uuid": "f916e3a3-522b-44f2-b00e-0ef85fcdb0a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2109", "content": "#CVE-2022\nCVE-2020-5902 CVE-2021-22986 CVE-2022-1388 POC\u96c6\u5408\n\nhttps://github.com/west9b/F5-BIG-IP-POC\n\n@BlueRedTeam", "creation_timestamp": "2022-05-28T16:30:21.000000Z"}, {"uuid": "1f228f8b-b3d7-45cb-9ae0-e26808c7dd29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-03)", "content": "", "creation_timestamp": "2026-05-03T00:00:00.000000Z"}, {"uuid": "acd738dc-03ec-42b0-be17-45203525ccb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "https://t.me/xakep_ru/10528", "content": "\u0421\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 F5 BIG-IP \u043d\u0430\u0447\u0430\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0445\u0430\u043a\u0435\u0440\u044b\n\n\u0420\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 F5 Networks \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0431\u0430\u0433\u043e\u0432 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 BIG-IP \u0438 BIG-IQ. \u0422\u0435\u043f\u0435\u0440\u044c \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0436\u0435 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u0430\u043c\u0438.\n\nhttps://xakep.ru/2021/03/22/cve-2021-22986/", "creation_timestamp": "2021-03-22T16:35:12.000000Z"}, {"uuid": "07e73e9c-437a-4fb7-820b-3aeea3daf766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22987", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2911", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 8 - 14)\nCVE-2021-26855, CVE-2021-27065 - ProxyLogon MS Exchange Server RCE Vulnerability\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-22986, CVE-2021-22987 - F5 BIG-IP TMM uri_normalize_host infoleak and out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-21193 - Google Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-21978 - VMware View Planner\u00a0RCE\nhttps://mobile.twitter.com/osama_hroot/status/1367258907601698816\nhttps://paper.seebug.org/1495\nCVE-2021-21300 - Git vulnerability\nhttps://t.me/cybersecuritytechnologies/2880\nCVE-2021-26411 - IE mshtml use-after-free\nhttps://t.me/cybersecuritytechnologies/2908", "creation_timestamp": "2021-03-15T11:00:37.000000Z"}, {"uuid": "b945ff20-d452-4537-8ea7-16f52a23c720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3007", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 22-28)\nCVE-2021-26855 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-22986/22987 - F5 BIG-IP TMM uri_normalize_host infoleak/out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-3449/3450 - OpenSSL DoS/certificate validation\nhttps://t.me/cybersecuritytechnologies/2993\nhttps://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html\nCVE-2021-26295 - Apache OFBiz unsafe deserialization\nhttps://t.me/cybersecuritytechnologies/2978\nCVE-2020-14179 - JIRA Information Disclosure\nhttps://t.me/cybersecuritytechnologies/2581\nCVE-2020-17453 - XSS In WSO2 Carbon Mgmnt Console\nhttps://t.me/cybersecuritytechnologies/3006\nCVE-2021-21087 - Adobe ColdFusion RCE\nhttps://www.bleepingcomputer.com/news/security/critical-code-execution-vulnerability-fixed-in-adobe-coldfusion", "creation_timestamp": "2022-06-01T02:33:44.000000Z"}, {"uuid": "67e2f0ee-3f6c-4ac5-b6a7-babbf903d2dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2881", "content": "Critical 1-day Vulnerabilities in F5 BIG-IP, BIG-IQ\n\n1. CVE-2021-22986:\nTraffic Management Microkernels (TMM) uri_normalize_host infoleak/out-of-bounds write\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2126\n2. CVE-2021-22992:\nASM stack-based buffer overflow in is_hdr_criteria_matches\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2132\n3. CVE-2021-22991:\nTMM uri_normalize_host infoleak/out-of-bounds write\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2126", "creation_timestamp": "2024-05-07T14:26:21.000000Z"}, {"uuid": "a79da144-7640-4c95-80c9-432d5207febd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2911", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 8 - 14)\nCVE-2021-26855, CVE-2021-27065 - ProxyLogon MS Exchange Server RCE Vulnerability\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-22986, CVE-2021-22987 - F5 BIG-IP TMM uri_normalize_host infoleak and out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-21193 - Google Chrome Blink code execution\nhttps://vulmon.com/vulnerabilitydetails?qid=CVE-2021-21193\nCVE-2021-21978 - VMware View Planner\u00a0RCE\nhttps://mobile.twitter.com/osama_hroot/status/1367258907601698816\nhttps://paper.seebug.org/1495\nCVE-2021-21300 - Git vulnerability\nhttps://t.me/cybersecuritytechnologies/2880\nCVE-2021-26411 - IE mshtml use-after-free\nhttps://t.me/cybersecuritytechnologies/2908", "creation_timestamp": "2021-03-15T11:00:37.000000Z"}, {"uuid": "3214c4ab-ba06-4fa2-9be3-fa634d45efea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-04)", "content": "", "creation_timestamp": "2026-05-04T00:00:00.000000Z"}, {"uuid": "a9744076-8625-4c75-bd47-87ba7b0c2230", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-03)", "content": "", "creation_timestamp": "2026-05-03T00:00:00.000000Z"}, {"uuid": "c506c2fb-9e5b-4426-985f-23a788f05000", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-05)", "content": "", "creation_timestamp": "2026-05-05T00:00:00.000000Z"}, {"uuid": "4cdc7e62-7a0f-4141-af02-fdacd8f9673b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22986", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-05)", "content": "", "creation_timestamp": "2026-05-05T00:00:00.000000Z"}]}