{"vulnerability": "CVE-2021-26828", "sightings": [{"uuid": "337f3a99-cae5-4d34-8fc2-1bdc94ab6f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "confirmed", "source": "https://gist.github.com/voidvxvt/719c34da30a644b822765729be648985", "content": "", "creation_timestamp": "2025-01-06T18:43:12.000000Z"}, {"uuid": "899a5801-9431-4212-992f-0416a9d4d254", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115662683959324733", "content": "", "creation_timestamp": "2025-12-04T18:21:37.855913Z"}, {"uuid": "bf79e91d-9031-4e61-98f8-4a44fb01fad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-f5921064-b7bcd332ac747253", "content": "", "creation_timestamp": "2025-10-24T08:13:32.266227Z"}, {"uuid": "e07cd146-36a6-41a3-b2b8-f01b2eadf0a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m76umtasfn2a", "content": "", "creation_timestamp": "2025-12-04T21:02:36.243744Z"}, {"uuid": "f7b2174d-6a69-4741-8c33-823fe64c6071", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3m774tfnsqs24", "content": "", "creation_timestamp": "2025-12-04T23:29:22.241699Z"}, {"uuid": "8a2a3910-dbc2-48c0-bde1-59067ee56a26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3m74aqnqhc32u", "content": "", "creation_timestamp": "2025-12-03T20:01:24.369595Z"}, {"uuid": "2419deb0-6689-4165-a4fc-6308246c4393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://mastodon.social/users/hrbrmstr/statuses/115657552999997488", "content": "", "creation_timestamp": "2025-12-03T20:36:46.894950Z"}, {"uuid": "6f3665f3-74b0-4ac3-b72d-ce0e2bcf2bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://bsky.app/profile/hrbrmstr.mastodon.social.ap.brid.gy/post/3m74cqypmexo2", "content": "", "creation_timestamp": "2025-12-03T20:38:05.184195Z"}, {"uuid": "6375d7de-cb66-439c-9aca-8cd8b85b13e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/5922960", "content": "", "creation_timestamp": "2026-03-04T01:42:18.896212Z"}, {"uuid": "038afc8e-3e13-4f8f-818d-920e48b99f22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3m7bsxqbjbc2p", "content": "", "creation_timestamp": "2025-12-06T01:10:49.145526Z"}, {"uuid": "79349111-7e67-45c2-ac72-96c1585b01b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3m7clrr3wxk27", "content": "", "creation_timestamp": "2025-12-06T08:34:53.849381Z"}, {"uuid": "2d25e5cf-96f0-4ffb-a38d-51fc8dd24b7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3m7ayo42ab62v", "content": "", "creation_timestamp": "2025-12-05T17:20:07.344799Z"}, {"uuid": "0bf49bba-7ff8-49f8-a455-a2dc32ab43f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-26828", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fc5b0752-b988-428c-8274-6bf35ca27519", "content": "", "creation_timestamp": "2026-02-02T12:25:45.507317Z"}, {"uuid": "1d1024ee-bbc4-490a-81f3-202987d32915", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9737", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1apython3 port of https://github.com/hev0x/CVE-2021-26828_ScadaBR_RCE/blob/main/LinScada_RCE.py\nURL\uff1ahttps://github.com/voidvxvt/CVE-2021-26828\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-01-06T17:43:55.000000Z"}, {"uuid": "055e112f-3222-4ad7-9171-2605831ce7eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3610", "content": "#exploit\n1. CVE-2021-31950:\nMicrosoft SharePoint Server 16.0.10372.20060 - SSRF\nhttps://packetstormsecurity.com/files/163080/mssharepoint16-ssrf.txt\n// MS SharePoint Server suffers from a GetXmlDataFromDataSource SSRF vulnerability\n\n2. CVE-2021-26828:\nOpenPLC ScadaBR <0.9.1 on Linux and <1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm\nhttps://github.com/hevox/CVE-2021-26828_ScadaBR_RCE", "creation_timestamp": "2022-07-04T22:17:17.000000Z"}, {"uuid": "dcb6345d-8ad4-4dde-9546-6a28fde921f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/38604", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aScadaFlare Authenticated RCE Exploit Framework for ScadaBR (CVE-2021-26828) OpenPLC ScadaBR \nURL\uff1ahttps://github.com/ridpath/CVE-2021-26828-Ultimate\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-05-30T01:02:10.000000Z"}, {"uuid": "8df2eb9c-baa2-4d95-a5e9-04e371e7e904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://t.me/arpsyndicate/1785", "content": "#ExploitObserverAlert\n\nCVE-2021-26828\n\nDESCRIPTION: Exploit Observer has 9 entries related to CVE-2021-26828. OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.\n\nFIRST-EPSS: 0.008750000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-12T01:23:48.000000Z"}, {"uuid": "62e03b9e-ca88-4ab7-a84d-927e8451ce48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-26828", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/422", "content": "CVE-2021-26828 ScadaBR 1.0 / 1.1CE Windows Shell \u4e0a\u50b3\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-26828_ScadaBR_1.0_/_1.1CE_Windows_Shell_%E4%B8%8A%E5%82%B3%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-14T01:56:05.000000Z"}]}