{"vulnerability": "CVE-2021-25282", "sightings": [{"uuid": "40f58cad-8ca9-40bb-b7b0-7635ff95473f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-25282", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "8b3bc8fe-daab-4e03-b706-4031a0949891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-25282", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/saltstack_salt_wheel_async_rce.rb", "content": "", "creation_timestamp": "2021-03-31T19:58:01.000000Z"}, {"uuid": "6a768ce1-214b-476f-b2fe-8e9b0e289b2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-25282", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:35.000000Z"}, {"uuid": "615371bd-1e6f-4a37-b732-d4c40eea9958", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-25282", "type": "seen", "source": "https://t.me/cibsecurity/24279", "content": "\u203c CVE-2021-25282 \u203c\n\nAn issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-27T07:40:07.000000Z"}, {"uuid": "2e09b537-0b1c-4ffa-85d1-66fb2e3bc7c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-25282", "type": "seen", "source": "https://t.me/cKure/4084", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Interesting thread: CVE-2021-25281 and CVE-2021-25282.\n\nhttps://mobile.twitter.com/chybeta/status/1365203494869721090", "creation_timestamp": "2021-02-26T10:46:06.000000Z"}, {"uuid": "49453889-fcc0-400d-b25e-d30feadd5940", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-25282", "type": "seen", "source": "https://t.me/arpsyndicate/4769", "content": "#ExploitObserverAlert\n\nCVE-2021-25282\n\nDESCRIPTION: Exploit Observer has 40 entries in 6 file formats related to CVE-2021-25282. An issue was discovered in through SaltStack Salt before 3002.5. The salt.wheel.pillar_roots.write method is vulnerable to directory traversal.\n\nFIRST-EPSS: 0.852840000\nNVD-IS: 5.2\nNVD-ES: 3.9\nARPS-PRIORITY: 0.9245408", "creation_timestamp": "2024-04-23T19:28:40.000000Z"}, {"uuid": "5721e6c7-fc3d-4951-970a-74db78e30482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-25282", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2803", "content": "#exploit\n1. CVE-2021-27403:\nAskey RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 devices allow cgi-bin/te_acceso_router.cgi curWebPage XSS\nhttps://github.com/bokanrb/CVE-2021-27403\n\n2. CVE-2021-27404:\nAskey RTF8115VW Internet Fiber Modem - Authenticated Host Header Injection\nhttps://github.com/bokanrb/CVE-2021-27404 \n\n]-> Chaining CVE-2021-25281 and CVE-2021-25282 to exploit a SaltStack:\nhttps://github.com/Immersive-Labs-Sec/CVE-2021-25281", "creation_timestamp": "2024-06-24T21:17:07.000000Z"}, {"uuid": "cbfa1976-8a3d-4780-a0f4-407d8d35c18e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-25282", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/763", "content": "CVE-2021-25281&CVE-2021-25282&CVE-2021-25283 Saltstack\u672a\u6388\u6b0aRCE\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-25281%26CVE-2021-25282%26CVE-2021-25283_Saltstack%E6%9C%AA%E6%8E%88%E6%AC%8ARCE%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T04:42:17.000000Z"}]}