{"vulnerability": "CVE-2021-3163", "sightings": [{"uuid": "8113ddd6-adc1-4a41-9631-ae2507cd4fce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31637", "type": "seen", "source": "https://t.me/cibsecurity/60159", "content": "\u203c CVE-2021-31637 \u203c\n\nAn issue found in UwAmp v.1.1, 1.2, 1.3, 2.0, 2.1, 2.2, 2.2.1, 3.0.0, 3.0.1, 3.0.2 allows a remote attacker to execute arbitrary code via a crafted DLL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T17:31:08.000000Z"}, {"uuid": "3c4eaf8c-0410-4ff7-b6e8-ea2b4c044f6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31630", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/244", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aExploit for Authenticated Remote Code Execution on OpenPLC v3 Webserver\nURL\uff1ahttps://github.com/h3v0x/CVE-2021-31630-OpenPLC_RCE", "creation_timestamp": "2021-08-02T04:50:14.000000Z"}, {"uuid": "4334a049-c4c0-43ac-8ce1-a25c32821617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31637", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5590", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-31637\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue found in UwAmp v.1.1, 1.2, 1.3, 2.0, 2.1, 2.2, 2.2.1, 3.0.0, 3.0.1, 3.0.2 allows a remote attacker to execute arbitrary code via a crafted DLL.\n\ud83d\udccf Published: 2023-03-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-26T20:16:32.417Z\n\ud83d\udd17 References:\n1. https://gist.github.com/purabparihar/d1401e59f9e699e71e3d700cc99e02a6", "creation_timestamp": "2025-02-26T20:24:42.000000Z"}, {"uuid": "c72d251a-518f-4b99-9913-8eb1e8a4b8e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31630", "type": "seen", "source": "https://t.me/arpsyndicate/1776", "content": "#ExploitObserverAlert\n\nCVE-2021-31630\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-31630. Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the \"Hardware Layer Code Box\" component on the \"/hardware\" page of the application.\n\nFIRST-EPSS: 0.005360000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-12T00:04:40.000000Z"}, {"uuid": "6d9aed77-0e82-47da-869b-41f8a6ac4acb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31630", "type": "seen", "source": "https://t.me/cibsecurity/26741", "content": "\u203c CVE-2021-31630 \u203c\n\nCommand Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the \"Hardware Layer Code Box\" component on the \"/hardware\" page of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-03T18:27:51.000000Z"}, {"uuid": "bad99b0b-456f-4667-ada2-5915c37313dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31631", "type": "seen", "source": "https://t.me/cibsecurity/33412", "content": "\u203c CVE-2021-31631 \u203c\n\nb2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User login page. This vulnerability allows attackers to escalate privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T00:22:33.000000Z"}, {"uuid": "117414f8-f103-4931-88ab-fc219c8c75de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31632", "type": "seen", "source": "https://t.me/cibsecurity/33409", "content": "\u203c CVE-2021-31632 \u203c\n\nb2evolution CMS v7.2.3 was discovered to contain a SQL injection vulnerability via the parameter cfqueryparam in the User login section. This vulnerability allows attackers to execute arbitrary code via a crafted input.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T00:22:29.000000Z"}]}