{"vulnerability": "CVE-2021-3522", "sightings": [{"uuid": "c0c2f9ba-2339-46e3-be98-1ef048f6a4a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35223", "type": "seen", "source": "https://t.me/cibsecurity/28105", "content": "\u203c CVE-2021-35223 \u203c\n\nThe Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of \u2018user string variables,\u2019 allowing remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-31T20:33:37.000000Z"}, {"uuid": "949afd6c-1d9e-41ac-872c-3217c9222801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35227", "type": "seen", "source": "https://t.me/cibsecurity/30979", "content": "\u203c CVE-2021-35227 \u203c\n\nThe HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-21T22:37:15.000000Z"}, {"uuid": "5be39ad1-3cc9-4a09-8cf7-b471008d710e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35228", "type": "seen", "source": "https://t.me/cibsecurity/30978", "content": "\u203c CVE-2021-35228 \u203c\n\nThis vulnerability occurred due to missing input sanitization for one of the output fields that is extracted from headers on specific section of page causing a reflective cross site scripting attack. 
An attacker would need to perform a Man in the Middle attack in order to change header for a remote victim.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-21T22:37:14.000000Z"}, {"uuid": "6944441b-ba3d-4a4e-9378-a6e0a3f59c6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35225", "type": "seen", "source": "https://t.me/cibsecurity/30975", "content": "\u203c CVE-2021-35225 \u203c\n\nEach authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cross-contamination.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-21T22:37:09.000000Z"}, {"uuid": "a250cacd-085f-465f-98f1-666454435e9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35221", "type": "seen", "source": "https://t.me/cibsecurity/28081", "content": "\u203c CVE-2021-35221 \u203c\n\nImproper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-31T16:33:30.000000Z"}, {"uuid": "3cf3236c-a580-4a90-ad80-3c2c86978459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35222", "type": "seen", "source": "https://t.me/cibsecurity/28080", "content": "\u203c CVE-2021-35222 \u203c\n\nThis vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings 
page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-31T16:33:29.000000Z"}, {"uuid": "330a0ce9-fabe-4446-a203-66274aed4cf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35220", "type": "seen", "source": "https://t.me/cibsecurity/28079", "content": "\u203c CVE-2021-35220 \u203c\n\nCommand Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-31T16:33:27.000000Z"}]}