{"vulnerability": "CVE-2021-3421", "sightings": [{"uuid": "86d1e039-ce96-469b-b3b2-732cb9bb2804", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34215", "type": "seen", "source": "https://t.me/cibsecurity/27647", "content": "\u203c CVE-2021-34215 \u203c\n\nCross-site scripting in tcpipwan.htm in TOTOLINK A3002R version V1.1.1-B20200824 (Important Update, new UI) allows attackers to execute arbitrary JavaScript by modifying the \"Service Name\" field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-20T20:19:24.000000Z"}, {"uuid": "2794ca3f-0982-4d0a-a395-6acb81d66d91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34218", "type": "seen", "source": "https://t.me/cibsecurity/27644", "content": "\u203c CVE-2021-34218 \u203c\n\nDirectory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /add/ , /img/, /js/, and /mobile directories via GET Parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-20T20:19:20.000000Z"}]}