{"vulnerability": "CVE-2021-27928", "sightings": [{"uuid": "f7a4e02d-78eb-47d3-96fe-5668ce649efc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27928", "type": "seen", "source": "MISP/4c580dc4-6527-4783-a985-f16249c35599", "content": "", "creation_timestamp": "2024-11-14T06:08:54.000000Z"}, {"uuid": "a1c4afd1-4aca-4778-a5f8-e72e3edafcb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27928", "type": "published-proof-of-concept", "source": "https://t.me/arm1tage/130", "content": "\u2014Medium Machines\u2014\n\nForge - SSRF, Pdb Priv Esc\nhttps://medium.com/@futurembt/forge-htb-write-up-forge-hack-the-box-walkthrough-1b358c25f4ab\n\nMango - SSL-cert subdomain reveal, MongoDB Injection, jjs Priv Esc\nhttps://0xdf.gitlab.io/2020/04/18/htb-mango.html\n\nLogForge - Tomcat/9.0.31, Log4J\nhttps://0xdf.gitlab.io/2021/12/29/htb-logforge.html\n\nShibboleth - Zabbix, 623 UDP (https://book.hacktricks.xyz/pentesting/623-udp-ipmi), mariadb 10.3.25 CVE-2021-27928 (https://www.exploit-db.com/exploits/49765, https://github.com/Al1ex/CVE-2021-27928) \nhttps://0xdf.gitlab.io/2022/04/02/htb-shibboleth.html\n\n\n#hackthebox #ctf", "creation_timestamp": "2022-06-18T10:31:44.000000Z"}, {"uuid": "1e0635ed-a5a5-455f-b333-a07eea7e6630", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27928", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02", "content": "", "creation_timestamp": "2026-01-27T11:00:00.000000Z"}, {"uuid": "a05e84aa-3277-4e9b-81ba-4baaa3684fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27928", "type": "published-proof-of-concept", 
"source": "https://t.me/pwnwiki_zhchannel/162", "content": "CVE-2021-27928 MariaDB 10.2 /MySQL - 'wsrep provider' command injection vulnerability\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-27928_MariaDB_10.2_/MySQL_-_%27wsrep_provider%27_%E5%91%BD%E4%BB%A4%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T06:42:48.000000Z"}, {"uuid": "3d18e5b3-ec9c-4153-aa45-b07740bb92d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27928", "type": "seen", "source": "https://t.me/cibsecurity/25171", "content": "\u203c CVE-2021-27928 \u203c\n\nA remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-19T06:33:04.000000Z"}]}