{"vulnerability": "CVE-2021-33318", "sightings": [{"uuid": "5f020a26-5751-453d-9b22-324e31eb4f84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33318", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/159", "content": "SSRF in .NET C# IpMatcher v1.0.4.1 and below NuGet package: CVE-2021-33318 IpMatcher v1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2. incorrectly validates octal & hexadecimal input data, leading to indeterminate SSRF, LFI, RFI, and DoS vectors.\n\nhttps://cxsecurity.com/issue/WLB-2022050074", "creation_timestamp": "2022-05-21T06:07:55.000000Z"}, {"uuid": "f3dd0c78-ae9f-414e-9300-4c24590332ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33318", "type": "seen", "source": "https://t.me/cibsecurity/42757", "content": "\u203c CVE-2021-33318 \u203c\n\nAn Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and below (IpMatcher) and 4.1.3 and below (WatsonWebserver) due to insufficient validation of input IP addresses and netmasks against the internal Matcher list of IP addresses and subnets.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-16T20:37:05.000000Z"}]}