{"vulnerability": "CVE-2021-3597", "sightings": [{"uuid": "b33c5de3-c3c2-4712-8238-2e817fd8e0fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35971", "type": "seen", "source": "https://t.me/cibsecurity/25826", "content": "\u203c CVE-2021-35971 \u203c\n\nVeeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507 mishandles deserialization during Microsoft .NET remoting.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-30T18:31:53.000000Z"}, {"uuid": "139b0dfa-a091-401e-9c32-0bac8b4c48a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3597", "type": "seen", "source": "https://t.me/arpsyndicate/3237", "content": "#ExploitObserverAlert\n\nCVE-2021-3597\n\nDESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2021-3597. A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final.\n\nFIRST-EPSS: 0.000910000\nNVD-IS: 3.6\nNVD-ES: 2.2", "creation_timestamp": "2024-01-28T06:43:46.000000Z"}, {"uuid": "94a00ed1-0c68-40b2-a170-bd6dd9f39e25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35975", "type": "seen", "source": "https://t.me/arpsyndicate/860", "content": "#ExploitObserverAlert\n\nCVE-2021-35975\n\nDESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-35975. Absolute path traversal vulnerability in the Systematica SMTP Adapter component (up to v2.0.1.101) in Systematica Radius (up to v.3.9.256.777) allows remote attackers to read arbitrary files via a full pathname in GET parameter \"file\" in URL. Also: affected components in same product - HTTP Adapter (up to v.1.8.0.15), MSSQL MessageBus Proxy (up to v.1.1.06), Financial Calculator (up to v.1.3.05), FIX Adapter (up to v.2.4.0.25)", "creation_timestamp": "2023-12-01T14:47:25.000000Z"}, {"uuid": "09df776f-da4e-42c9-93dd-5bc32f6f2fce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35975", "type": "seen", "source": "https://t.me/ctinow/157715", "content": "https://ift.tt/70BrVTC\nCVE-2021-35975 | Systematica Radius up to 3.9.256.777 SMTP Adapter file absolute path traversal", "creation_timestamp": "2023-12-21T14:42:37.000000Z"}, {"uuid": "6b23ea3e-a779-4d7a-9a5c-0fe80d4f437c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35978", "type": "seen", "source": "https://t.me/cibsecurity/33736", "content": "\u203c CVE-2021-35978 \u203c\n\nAn issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER privileges. This allows an attacker (with knowledge of the protocol) to execute arbitrary code on the controller including overwriting firmware, adding/removing users, disabling the internal firewall, etc.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-10T16:25:04.000000Z"}, {"uuid": "1097e845-3d60-4604-931a-939597b5ba2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3597", "type": "seen", "source": "https://t.me/cibsecurity/43289", "content": "\u203c CVE-2021-3597 \u203c\n\nA flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-24T22:37:07.000000Z"}, {"uuid": "01cf895e-bbf2-41c1-ad99-bacc500b9505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35977", "type": "seen", "source": "https://t.me/cibsecurity/30249", "content": "\u203c CVE-2021-35977 \u203c\n\nAn issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response messages. This could result in arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T18:40:15.000000Z"}, {"uuid": "cba91ae5-a55a-4328-a870-8e2fa4baa1b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35979", "type": "seen", "source": "https://t.me/cibsecurity/30246", "content": "\u203c CVE-2021-35979 \u203c\n\nAn issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T18:40:11.000000Z"}, {"uuid": "620f29d0-2445-48c4-a95e-620b6e53775b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35976", "type": "seen", "source": "https://t.me/cibsecurity/28660", "content": "\u203c CVE-2021-35976 \u203c\n\nThe feature to preview a website in Plesk Obsidian 18.0.0 through 18.0.32 on Linux is vulnerable to reflected XSS via the /plesk-site-preview/ PATH, aka PFSI-62467. The attacker could execute JavaScript code in the victim\u00e2\u20ac\u2122s browser by using the link to preview sites hosted on the server. Authentication is not required to exploit the vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-10T16:30:38.000000Z"}, {"uuid": "f547197d-93b6-4ab8-be8d-a16bb5bbdf94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35973", "type": "seen", "source": "https://t.me/cibsecurity/25827", "content": "\u203c CVE-2021-35973 \u203c\n\nNETGEAR WAC104 devices before 1.0.4.15 are affected by an authentication bypass vulnerability in /usr/sbin/mini_httpd, allowing an unauthenticated attacker to invoke any action by adding the &currentsetting.htm substring to the HTTP query, a related issue to CVE-2020-27866. This directly allows the attacker to change the web UI password, and eventually to enable debug mode (telnetd) and gain a shell on the device as the admin limited-user account (however, escalation to root is simple because of weak permissions on the /etc/ directory).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-30T18:31:54.000000Z"}]}