{"vulnerability": "CVE-2021-27562", "sightings": [{"uuid": "f53d781c-9a58-4ffe-8300-5af96fee6b0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27562", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:17.000000Z"}, {"uuid": "95a53205-bc06-4c99-8f86-c83ed22a08ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27562", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "ef02b9bd-3ae4-4574-b323-e755c6303ce3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27562", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971125", "content": "", "creation_timestamp": "2024-12-24T20:24:36.958861Z"}, {"uuid": "6529d416-2e19-499e-81a5-c6abffb29e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27562", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:54.000000Z"}, {"uuid": "4b640f35-2d73-4251-aaf8-c39c30c1f6c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27562", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2791", "content": "#exploit\n1. CVE-2021-27561, CVE-2021-27562:\nYealink Device Management Pre Auth \u2018root\u2019 level RCE\nhttps://ssd-disclosure.com/ssd-advisory-yealink-dm-pre-auth-root-level-rce\n\n2. CVE-2021-21973:\nAn unauthorized server-side request forgery (SSRF) vulnerabilities\nhttps://mobile.twitter.com/osama_hroot/status/1365586206982082560/photo/1", "creation_timestamp": "2022-07-04T12:39:11.000000Z"}, {"uuid": "6abc40dd-7ed8-4d8c-8829-327d276466b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-27562", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/05056406-4c06-4ec2-bbd8-7fdeb1c64334", "content": "", "creation_timestamp": "2026-02-02T12:28:38.833579Z"}, {"uuid": "f34bccf7-58e4-4d2b-9a2d-625fde5a9788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27562", "type": "seen", "source": "https://t.me/arpsyndicate/1430", "content": "#ExploitObserverAlert\n\nCVE-2021-27562\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-27562. In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode.\n\nFIRST-EPSS: 0.958430000\nNVD-IS: 3.6\nNVD-ES: 1.8", "creation_timestamp": "2023-12-05T08:17:29.000000Z"}, {"uuid": "a5865f7b-0d78-43ba-a3d3-d35e0d17d8fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27562", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2925", "content": "#Threat_Research\n1. CVE-2020-29653:\nStealing Froxlor login credentials using dangling markup (PoC)\nhttps://labs.detectify.com/2021/03/10/cve-2020-29653-stealing-froxlor-login-credentials-dangling-markup\n\n2. New Mirai Variant Targeting Network Security Devices\nhttps://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities\n]-> PoC for CVE-2020-25506:\nD-Link DNS-320 Firewall RCE Vulnerability\nhttps://gist.github.com/WinMin/6f63fd1ae95977e0e2d49bd4b5f00675\n]-> PoC for CVE-2021-22502:\nRCE in Micro Focus Operation Bridge Reporter, ver.10.4\nhttps://github.com/pedrib/PoC/blob/master/advisories/Micro_Focus/Micro_Focus_OBR.md\n]-> PoC for CVE-2021-27561, CVE-2021-27562:\nYealink Device Mngmnt Pre-Auth \"root\" Level RCE Vuln\nhttps://ssd-disclosure.com/ssd-advisory-yealink-dm-pre-auth-root-level-rce", "creation_timestamp": "2021-03-17T11:01:15.000000Z"}]}