{"vulnerability": "CVE-2021-3449", "sightings": [{"uuid": "07ef84a8-32a4-44a4-ab5e-3ccb0d93ccc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-34494", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_21/2021", "content": "", "creation_timestamp": "2021-07-15T10:13:10.000000Z"}, {"uuid": "204a67e8-e276-4346-9258-bb1cd73df85c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "seen", "source": "https://gist.github.com/ginsabo/fcf50a69e647a4770e004b95674a954b", "content": "", "creation_timestamp": "2026-02-15T08:58:43.000000Z"}, {"uuid": "e3a9a44b-324a-40e4-ba5d-6725c88462a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "seen", "source": "https://t.me/BleepingComputer/9406", "content": "OpenSSL fixes severe DoS, certificate validation vulnerabilities\n\nOpenSSL has patched two high severity vulnerabilities. These include a Denial of Service (DoS) vulnerability (CVE-2021-3449) and an improper\u00a0CA\u00a0certificate validation issue (CVE-2021-3450). [...]\n\nhttps://www.bleepingcomputer.com/news/security/openssl-fixes-severe-dos-certificate-validation-vulnerabilities/", "creation_timestamp": "2021-03-25T17:13:49.000000Z"}, {"uuid": "b50e87b7-9938-4cd5-9e43-e58cd5126dfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/385", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-3449 OpenSSL denial-of-service exploit \ud83d\udc68\ud83c\udffb\u200d\ud83d\udcbb\nURL\uff1ahttps://github.com/terorie/cve-2021-3449", "creation_timestamp": "2021-08-24T20:20:44.000000Z"}, {"uuid": "0357935f-31d3-4d95-bb22-d356a0983184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "published-proof-of-concept", "source": "https://t.me/infobes/305", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 22-28)\nCVE-2021-26855 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-22986/22987 - F5 BIG-IP TMM uri_normalize_host infoleak/out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-3449/3450 - OpenSSL DoS/certificate validation\nhttps://t.me/cybersecuritytechnologies/2993\nhttps://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html?m=1#click=https://t.co/z6FHjamuUy\nCVE-2021-26295 - Apache OFBiz unsafe deserialization\nhttps://t.me/cybersecuritytechnologies/2978\nCVE-2020-14179 - JIRA Information Disclosure\nhttps://t.me/cybersecuritytechnologies/2581\nCVE-2020-17453 - XSS In WSO2 Carbon Mgmnt Console\nhttps://t.me/cybersecuritytechnologies/3006\nCVE-2021-21087 - Adobe ColdFusion RCE\nhttps://www.bleepingcomputer.com/news/security/critical-code-execution-vulnerability-fixed-in-adobe-coldfusion", "creation_timestamp": "2021-03-29T03:08:41.000000Z"}, {"uuid": "9d62b7bb-e65a-431d-8df1-745947cd03d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "seen", "source": "https://t.me/arpsyndicate/269", "content": "#ExploitObserverAlert\n\nCVE-2021-3449\n\nDESCRIPTION: Exploit Observer has 57 entries related to CVE-2021-3449. An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).\n\nFIRST-EPSS: 0.003070000\nNVD-IS: 3.6\nNVD-ES: 2.2", "creation_timestamp": "2023-11-19T14:53:04.000000Z"}, {"uuid": "ed7f5db1-7374-4350-8a13-fe557aafaa66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34494", "type": "seen", "source": "https://t.me/true_secator/1917", "content": "\u200b\u200b\u041e\u0442\u043b\u0438\u0447\u0438\u043b\u0441\u044f \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e SAP, \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0441\u044f \u0438 Microsoft \u0441\u0432\u043e\u0438\u043c \u044d\u043f\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043f\u0430\u0442\u0447\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 117 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 9 \u043e\u0448\u0438\u0431\u043e\u043a \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u0440\u0430\u0441\u043a\u043b\u0430\u0434 \u0442\u0430\u043a\u043e\u0439: 13 \u0438\u043c\u0435\u044e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, 103 - \u0432\u0430\u0436\u043d\u044b\u0445, \u0430 1 - \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 Windows, Bing, Dynamics, Exchange Server, Office, Scripting Engine, Windows DNS \u0438 Visual Studio Code.\n\n\u041f\u043e\u0434 \u0437\u0430\u043a\u0430\u0442\u043e\u0447\u043d\u044b\u0439 \u043a\u043e\u043d\u0432\u0435\u0439\u0435\u0440 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0436\u0435 \u043f\u043e\u043f\u0430\u043b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0439 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043f\u0435\u0447\u0430\u0442\u0438 (CVE-2021-34527), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044f\u0434\u0440\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c\u00a0\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CVE-2021-31979\u00a0\u0438 33771), \u043a\u043e\u0441\u044f\u043a\u0438 \u043c\u043e\u0434\u0443\u043b\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0435 \u043a \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e\u00a0\u043f\u0430\u043c\u044f\u0442\u0438 (CVE-2021-34448).\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442: Microsoft Exchange Server (CVE-2021-34473\u00a0- \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0438 CVE-2021-34523\u00a0- \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439), Active Directory (CVE-2021-33781\u00a0- \u043e\u0431\u0445\u043e\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438), Windows ADFS (CVE-2021-33779\u00a0- \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e), Windows (CVE-2021-34492\u00a0- \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0430 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432 \u0438 CVE-2021-34458 - \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430), Windows DNS Server (CVE-2021-34494 - \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430).\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Microsoft \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u043e\u043c\u0435\u0442\u0440\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Windows hello (CVE-2021-34466), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430\u00a0\u043f\u043e\u0434\u0434\u0435\u043b\u0430\u0442\u044c \u043b\u0438\u0446\u043e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\nMSFT \u0432 \u0446\u0435\u043b\u043e\u043c \u0443\u0436\u0435 \u0431\u043b\u0438\u0437\u043a\u0438 \u0432 \u0442\u043e\u043c\u0443 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e, \u043a\u043e\u0433\u0434\u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0442\u0440\u0430\u043d\u0441\u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u043e: \u0432 \u043c\u0430\u0435 \u0438 \u0438\u044e\u043d\u0435 \u043e\u043d\u0438 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 55 \u0438 50 \u0434\u044b\u0440 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e. \u041d\u043e, \u0447\u0442\u043e-\u0442\u043e \u0437\u043d\u0430\u044f \u043c\u0435\u043b\u043a\u043e\u043c\u044f\u0433\u043a\u0438\u0445, \u0434\u0443\u043c\u0430\u0435\u0442, \u0447\u0442\u043e \u0438\u043c \u0435\u0449\u0451 \u0434\u043e\u043b\u0433\u043e \u0432\u0435\u0441\u0442\u0438 \u0431\u043e\u0439 \u0432 \u0442\u0435\u043d\u044c\u044e.", "creation_timestamp": "2021-07-14T16:59:39.000000Z"}, {"uuid": "b61a2a59-3e02-4ee7-9112-9e99e5808e50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/50", "content": "CVE-2021-3449 OpenSSL\u62d2\u7d55\u670d\u52d9\u6f0f\u6d1e\n\nopenssl \u7248\u672c\u4f4e\u65bc 1.1.1-k\uff0c\u9ed8\u8ba4\u914d\u7f6e\u4e0b\u4f7f\u7528 openssl \u7684\u8f6f\u4ef6\uff08\u5305\u62ec nginx \u548c trojan-gfw \u7b49\uff09\uff0c\u6076\u610f\u6784\u9020\u7684\u8bf7\u6c42\u53ef\u4ee5\u8ba9\u670d\u52a1\u7aef\u5d29\u6e83\u3002 \n\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-3449_OpenSSL%E6%8B%92%E7%B5%95%E6%9C%8D%E5%8B%99%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T06:42:54.000000Z"}, {"uuid": "4bfc4ac7-9f82-49c4-a21f-41aadca9b26f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "seen", "source": "https://t.me/thehackernews/1114", "content": "OpenSSL has released security patches for 2 new high-severity vulnerabilities that could be exploited to perform DoS attacks (CVE-2021-3449) and bypass certificate verification (CVE-2021-3450).\n\nRead details \u2014 https://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html", "creation_timestamp": "2021-03-26T15:59:46.000000Z"}, {"uuid": "62fc1a92-455c-40a6-a5e9-f8b55e433593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3057", "content": "#Analytics\n10 most exploited vulnerabilities of the week (March 29 - April 4)\nCVE-2021-26855 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-3449/3450 - OpenSSL DoS/certificate validation\nhttps://t.me/cybersecuritytechnologies/2993\nhttps://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html\nCVE-2021-21975/CVE-2021-21983 - SSRF in VMWare vRealize Operations Manager API\nhttps://t.me/cybersecuritytechnologies/3039\nCVE-2019-8761 - macOS bug that lets attackers execute HTML within a TXT file\nhttps://www.paulosyibelo.com/2021/04/this-man-thought-opening-txt-file-is.html\nCVE-2021-26411 - IE mshtml UAF\nhttps://t.me/cybersecuritytechnologies/2908\nCVE-2021-28918 - SSRF in Netmask package\nhttps://t.me/cybersecuritytechnologies/3014\nCVE-2020-25078 - D-Link psw disclosure\nhttps://t.me/cybersecuritytechnologies/3055\nCVE-2021-1656 - Windows tpm.sys Device Driver Information Disclosure\nhttps://t.me/cybersecuritytechnologies/3028", "creation_timestamp": "2022-06-01T02:32:51.000000Z"}, {"uuid": "94ad5755-cbbb-4ee2-b434-bff0916e66ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3395", "content": "#exploit\nCVE-2021-3449:\nOpenSSL <1.1.1k DoS Exploit\nhttps://github.com/terorie/cve-2021-3449", "creation_timestamp": "2021-05-18T11:02:28.000000Z"}, {"uuid": "13de2fe3-5782-4fce-bbe4-9f65c4543a74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "published-proof-of-concept", "source": "https://t.me/cyber0iq/19", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-25T02:15:23.000000Z"}, {"uuid": "2a9b3003-6d93-43fe-9de0-7cb67781764b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34492", "type": "seen", "source": "https://t.me/true_secator/1917", "content": "\u200b\u200b\u041e\u0442\u043b\u0438\u0447\u0438\u043b\u0441\u044f \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e SAP, \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0441\u044f \u0438 Microsoft \u0441\u0432\u043e\u0438\u043c \u044d\u043f\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043f\u0430\u0442\u0447\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 117 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 9 \u043e\u0448\u0438\u0431\u043e\u043a \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0412 \u043e\u0431\u0449\u0435\u043c \u0440\u0430\u0441\u043a\u043b\u0430\u0434 \u0442\u0430\u043a\u043e\u0439: 13 \u0438\u043c\u0435\u044e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, 103 - \u0432\u0430\u0436\u043d\u044b\u0445, \u0430 1 - \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u044e\u0442 Windows, Bing, Dynamics, Exchange Server, Office, Scripting Engine, Windows DNS \u0438 Visual Studio Code.\n\n\u041f\u043e\u0434 \u0437\u0430\u043a\u0430\u0442\u043e\u0447\u043d\u044b\u0439 \u043a\u043e\u043d\u0432\u0435\u0439\u0435\u0440 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e \u0436\u0435 \u043f\u043e\u043f\u0430\u043b \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u044b\u0439 \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043f\u0435\u0447\u0430\u0442\u0438 (CVE-2021-34527), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u044f\u0434\u0440\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c\u00a0\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CVE-2021-31979\u00a0\u0438 33771), \u043a\u043e\u0441\u044f\u043a\u0438 \u043c\u043e\u0434\u0443\u043b\u044f \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0435 \u043a \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e\u00a0\u043f\u0430\u043c\u044f\u0442\u0438 (CVE-2021-34448).\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442: Microsoft Exchange Server (CVE-2021-34473\u00a0- \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0438 CVE-2021-34523\u00a0- \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439), Active Directory (CVE-2021-33781\u00a0- \u043e\u0431\u0445\u043e\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438), Windows ADFS (CVE-2021-33779\u00a0- \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e), Windows (CVE-2021-34492\u00a0- \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0430 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432 \u0438 CVE-2021-34458 - \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430), Windows DNS Server (CVE-2021-34494 - \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430).\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Microsoft \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u043e\u043c\u0435\u0442\u0440\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Windows hello (CVE-2021-34466), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430\u00a0\u043f\u043e\u0434\u0434\u0435\u043b\u0430\u0442\u044c \u043b\u0438\u0446\u043e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\n\nMSFT \u0432 \u0446\u0435\u043b\u043e\u043c \u0443\u0436\u0435 \u0431\u043b\u0438\u0437\u043a\u0438 \u0432 \u0442\u043e\u043c\u0443 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e, \u043a\u043e\u0433\u0434\u0430 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0442\u0440\u0430\u043d\u0441\u0444\u043e\u0440\u043c\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u043e: \u0432 \u043c\u0430\u0435 \u0438 \u0438\u044e\u043d\u0435 \u043e\u043d\u0438 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 55 \u0438 50 \u0434\u044b\u0440 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e. \u041d\u043e, \u0447\u0442\u043e-\u0442\u043e \u0437\u043d\u0430\u044f \u043c\u0435\u043b\u043a\u043e\u043c\u044f\u0433\u043a\u0438\u0445, \u0434\u0443\u043c\u0430\u0435\u0442, \u0447\u0442\u043e \u0438\u043c \u0435\u0449\u0451 \u0434\u043e\u043b\u0433\u043e \u0432\u0435\u0441\u0442\u0438 \u0431\u043e\u0439 \u0432 \u0442\u0435\u043d\u044c\u044e.", "creation_timestamp": "2021-07-14T16:59:39.000000Z"}, {"uuid": "c1f07d1b-9c9a-4dda-a489-1c86a341dde0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34497", "type": "seen", "source": "https://t.me/cibsecurity/26233", "content": "\u203c CVE-2021-34447 \u203c\n\nWindows MSHTML Platform Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34497.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-17T00:28:30.000000Z"}, {"uuid": "c26f9075-363d-45f2-a56d-72d497c7a3be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2993", "content": "#exploit\nCVE-2021-3449:\nMultiple Vulnerabilities in OpenSSL\n(OpenSSL <1.1.1k DoS exploit PoC)\n\n// An OpenSSL v.1.1.1 TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client\nhttps://github.com/terorie/cve-2021-3449", "creation_timestamp": "2022-07-04T20:49:04.000000Z"}, {"uuid": "7c485a1c-737a-4b4a-8eca-7b0bbe3c287f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3007", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 22-28)\nCVE-2021-26855 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-22986/22987 - F5 BIG-IP TMM uri_normalize_host infoleak/out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-3449/3450 - OpenSSL DoS/certificate validation\nhttps://t.me/cybersecuritytechnologies/2993\nhttps://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html\nCVE-2021-26295 - Apache OFBiz unsafe deserialization\nhttps://t.me/cybersecuritytechnologies/2978\nCVE-2020-14179 - JIRA Information Disclosure\nhttps://t.me/cybersecuritytechnologies/2581\nCVE-2020-17453 - XSS In WSO2 Carbon Mgmnt Console\nhttps://t.me/cybersecuritytechnologies/3006\nCVE-2021-21087 - Adobe ColdFusion RCE\nhttps://www.bleepingcomputer.com/news/security/critical-code-execution-vulnerability-fixed-in-adobe-coldfusion", "creation_timestamp": "2022-06-01T02:33:44.000000Z"}, {"uuid": "1a8e1f5a-3d16-4843-89c5-49c6f3d81a4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3449", "type": "published-proof-of-concept", "source": "https://t.me/cyber0iq/18", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-25T02:14:31.000000Z"}]}