{"vulnerability": "CVE-2021-3635", "sightings": [{"uuid": "61af53c1-85e3-4549-8f24-ee99c1dd3afc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "seen", "source": "MISP/8bf50bb8-94dd-4004-a646-5f78db6f0b6a", "content": "", "creation_timestamp": "2022-07-13T13:02:16.000000Z"}, {"uuid": "9d50eb92-16e3-483c-8702-aab86582adb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-36356.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "371786c2-0544-421f-b0af-618247efa834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-21)", "content": "", "creation_timestamp": "2024-12-21T00:00:00.000000Z"}, {"uuid": "b8fe76da-a93b-4b1f-aebe-ee8cfc0d05c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "d78455b5-2aef-4dc7-8429-bc0a714ab92a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-11)", "content": "", "creation_timestamp": "2025-06-11T00:00:00.000000Z"}, {"uuid": "b8bdbc94-719b-4e72-8546-a7bdc0b580e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-14)", "content": "", "creation_timestamp": "2025-03-14T00:00:00.000000Z"}, {"uuid": "fe9980c5-4c89-4e08-9a27-2aa96a14b31b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-25)", "content": "", "creation_timestamp": "2025-05-25T00:00:00.000000Z"}, {"uuid": "2aabf442-f7ed-4804-9014-7554587ed31a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-06)", "content": "", "creation_timestamp": "2025-07-06T00:00:00.000000Z"}, {"uuid": "de9f996f-5b05-4b16-aab3-5a300f59904f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-23)", "content": "", "creation_timestamp": "2025-06-23T00:00:00.000000Z"}, {"uuid": "990adfc6-828f-4426-afb0-fd0b693e8fa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-25)", "content": "", "creation_timestamp": "2025-10-25T00:00:00.000000Z"}, {"uuid": "683a2710-7283-43e4-a1e4-ef49315b0e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-18)", "content": "", "creation_timestamp": "2025-09-18T00:00:00.000000Z"}, {"uuid": "73a440ca-161e-40ba-be11-0ba29380e513", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-08)", "content": "", "creation_timestamp": "2025-11-08T00:00:00.000000Z"}, {"uuid": "9fab5423-8728-4fb9-85db-140b2d08ddff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-26)", "content": "", "creation_timestamp": "2025-10-26T00:00:00.000000Z"}, {"uuid": "f1d30c39-625f-47c7-9521-4327046c7765", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-04)", "content": "", "creation_timestamp": "2026-01-04T00:00:00.000000Z"}, {"uuid": "1c96241d-9041-4d93-af98-6ef06a822ee9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-11)", "content": "", "creation_timestamp": "2025-12-11T00:00:00.000000Z"}, {"uuid": "86a524ba-9484-4d3a-aa40-2b49fbdd3725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-26)", "content": "", "creation_timestamp": "2026-02-26T00:00:00.000000Z"}, {"uuid": "f851b292-e2a9-4dc0-bfcc-d0078fafc197", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-11)", "content": "", "creation_timestamp": "2026-03-11T00:00:00.000000Z"}, {"uuid": "66e42e13-7494-4901-9388-3d318122f2e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "d37dcd4a-d481-402e-95a7-86f9d93894bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36357", "type": "seen", "source": "https://t.me/cibsecurity/31023", "content": "\u203c CVE-2021-36357 \u203c\n\nAn issue was discovered in OpenPOWER 2.6 firmware. unpack_timestamp() calls le32_to_cpu() for endian conversion of a uint16_t \"year\" value, resulting in a type mismatch that can truncate a higher integer value to a smaller one, and bypass a timestamp check. The fix is to use the right endian conversion function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-22T16:39:21.000000Z"}, {"uuid": "368f7a67-e07b-4749-b99b-28dc6f3b0727", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36350", "type": "seen", "source": "https://t.me/cibsecurity/34442", "content": "\u203c CVE-2021-36350 \u203c\n\nDell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authentication bypass by primary weakness in one of the authentication factors. A remote unauthenticated attacker may potentially exploit this vulnerability and bypass one of the factors of authentication.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-21T20:12:08.000000Z"}, {"uuid": "a7907593-499a-46e4-8617-4fed92409c55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36352", "type": "seen", "source": "https://t.me/D4RKW0R1D/6960", "content": "\u203c CVE-2021-36352 \u203c\n\nStored cross-site scripting (XSS) vulnerability in Care2x Hospital Information Management 2.7 Alpha. The vulnerability has found POST requests in /modules/registration_admission/patient_register.php page with \"name_middle\", \"addr_str\", \"station\", \"name_maiden\", \"name_2\", \"name_3\" parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-26T16:42:38.000000Z"}, {"uuid": "ca0a43e7-1152-47f9-b84f-bc8a7e443e64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "seen", "source": "https://t.me/arpsyndicate/2695", "content": "#ExploitObserverAlert\n\nCVE-2021-36356\n\nDESCRIPTION: Exploit Observer has 8 entries related to CVE-2021-36356. KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). NOTE: this issue exists because of an incomplete fix for CVE-2019-17124.\n\nFIRST-EPSS: 0.930090000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-09T00:18:04.000000Z"}, {"uuid": "373c9ff5-bc68-4797-a6b1-e93e3bc2d454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "seen", "source": "https://t.me/cibsecurity/28061", "content": "\u203c CVE-2021-36356 \u203c\n\nKRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). NOTE: this issue exists because of an incomplete fix for CVE-2019-17124.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-31T07:33:05.000000Z"}, {"uuid": "f9e48078-9fd1-40fb-b2d8-5999829cbae2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36352", "type": "seen", "source": "https://t.me/cibsecurity/27902", "content": "\u203c CVE-2021-36352 \u203c\n\nStored cross-site scripting (XSS) vulnerability in Care2x Hospital Information Management 2.7 Alpha. The vulnerability has found POST requests in /modules/registration_admission/patient_register.php page with \"name_middle\", \"addr_str\", \"station\", \"name_maiden\", \"name_2\", \"name_3\" parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-26T18:26:51.000000Z"}, {"uuid": "898adb7b-ac79-4b8f-a97e-967d872d08f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3635", "type": "seen", "source": "https://t.me/cibsecurity/27307", "content": "\u203c CVE-2021-3635 \u203c\n\nA flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root (CAP_SYS_ADMIN) access is able to panic the system when issuing netfilter netflow commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-13T18:41:17.000000Z"}, {"uuid": "455e71d9-a020-4107-9798-68ff6868fab8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36359", "type": "seen", "source": "https://t.me/cibsecurity/27996", "content": "\u203c CVE-2021-36359 \u203c\n\nOrbiTeam BSCW Classic before 7.4.3 allows exportpdf authenticated remote code execution (RCE) via XML tag injection because reportlab\\platypus\\paraparser.py (reached via bscw.cgi op=_editfolder.EditFolder) calls eval on attacker-supplied Python code. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-30T12:32:12.000000Z"}, {"uuid": "64f49611-28b8-4208-9c6d-23e592049fdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36352", "type": "seen", "source": "https://t.me/D4RKW0R1D/876", "content": "\u203c CVE-2021-36352 \u203c\n\nStored cross-site scripting (XSS) vulnerability in Care2x Hospital Information Management 2.7 Alpha. The vulnerability has found POST requests in /modules/registration_admission/patient_register.php page with \"name_middle\", \"addr_str\", \"station\", \"name_maiden\", \"name_2\", \"name_3\" parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-26T18:42:35.000000Z"}, {"uuid": "ad0929cf-765f-464c-ba2d-f166cb935199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-05-15)", "content": "", "creation_timestamp": "2026-05-15T00:00:00.000000Z"}, {"uuid": "6e669ead-d5c8-4e93-aa3b-58a4c812ed9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36359", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/837", "content": "\u6700\u8fd1\u6dfb\u52a0\u6f0f\u6d1e\uff08\u5982\u679c\u60a8\u5728Team\u5167\u53ef\u76f4\u63a5\u67e5\u770b\uff09\uff1a\nBus Pass Management System 1.0 SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=LFzbUi\nCVE-2021-21307 WinWaste.NET 1.0.6183.16475 \u672c\u5730\u6b0a\u9650\u63d0\u5347\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=K10VCw\nCVE-2020-7387&CVE-2020-7388 Sage X3 Administration Service \u8eab\u4efd\u9a57\u8b49\u7e5e\u904e&\u9060\u7a0b\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=b52hhB\nCVE-2021-34621 WordPress Plugin ProfilePress 3.1.3 \u6b0a\u9650\u63d0\u5347\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=k86vqZ\nCVE-2021-39271 BSCW Server \u9060\u7a0b\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=BDzTae\nCVE-2021-36359 BSCW Server XML\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=ENsAuJ\nCVE-2021-21300 Git LFS Clone \u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=SGwDct\nDyephotographic SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=X7Hvce\nCVE-2020-6404 Google Chrome 80.0.3987.87 \u62d2\u7d55\u670d\u52d9\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=xzWCaC\nCVE-2019-19143 TP-Link TL-WR849N 0.9.1 4.16 \u8eab\u4efd\u9a57\u8b49\u7e5e\u904e\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=CPltjo\nCVE-2020-9038 Joplin Desktop 1.0.184 XSS\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=4ysOvF\nCVE-2020-5811 Umbraco CMS 8.9.1 \u76ee\u9304\u904d\u6b77&\u4efb\u610f\u6587\u4ef6\u5beb\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=jV0T9b\nCNVD-2021-35581 WPS For Linux RCE\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=hYL9m9", "creation_timestamp": "2021-09-21T04:41:55.000000Z"}, {"uuid": "6bd77c44-b22d-40e5-a894-10395217ac7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36356", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-21)", "content": "", "creation_timestamp": "2026-05-21T00:00:00.000000Z"}]}