{"vulnerability": "CVE-2021-3676", "sightings": [{"uuid": "bc959130-0ba0-48d4-af05-b949bc172a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36765", "type": "seen", "source": "https://t.me/arpsyndicate/2653", "content": "#ExploitObserverAlert\n\nCVE-2021-36765\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2021-36765. In CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a null pointer dereference in the downloaded vulnerable EtherNet/IP stack that is executed by the CODESYS Control runtime system.\n\nFIRST-EPSS: 0.001500000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-08T15:23:49.000000Z"}, {"uuid": "f4797275-81bf-4b51-b881-dea92b482e99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-36763", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "6fefafac-3817-4090-8cb3-e2a7009dc5c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-36764", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "6792610b-fc1f-43db-8f96-ddbe698108f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-36765", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "167e0287-1061-43e5-a5c8-9e03a8e1b7fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36761", "type": "seen", "source": "https://t.me/cibsecurity/44915", "content": "\u203c CVE-2021-36761 \u203c\n\nThe GeoAnalytics feature in Qlik Sense April 2020 patch 4 allows SSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-21T20:27:44.000000Z"}, {"uuid": "3628449b-6fc0-4f61-851d-06491a829733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36766", "type": "seen", "source": "https://t.me/cibsecurity/26625", "content": "\u203c CVE-2021-36766 \u203c\n\nConcrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the controllers/single_page/dashboard/system/environment/logging.php Logging::update_logging() method. User input passed through the logFile request parameter is not properly sanitized before being used in a call to the file_exists() PHP function. This can be exploited by malicious users to inject arbitrary PHP objects into the application scope (PHP Object Injection via phar:// stream wrapper), allowing them to carry out a variety of attacks, such as executing arbitrary PHP code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-30T18:21:38.000000Z"}, {"uuid": "ebcf99a6-2421-44d5-9a2b-dade9306a931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36760", "type": "seen", "source": "https://t.me/cibsecurity/33529", "content": "\u203c CVE-2021-36760 \u203c\n\nIn accountrecoveryendpoint/recoverpassword.do in WSO2 Identity Server 5.7.0, it is possible to perform a DOM-Based XSS attack affecting the callback parameter modifying the URL that precedes the callback parameter. Once the username or password reset procedure is completed, the JavaScript code will be executed. (recoverpassword.do also has an open redirect issue for a similar reason.)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-08T00:23:05.000000Z"}, {"uuid": "aa37b17e-a038-4f3e-94a8-63b197b7fd7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36767", "type": "seen", "source": "https://t.me/cibsecurity/30248", "content": "\u203c CVE-2021-36767 \u203c\n\nIn Digi RealPort through 4.8.488.0, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's access password. The attacker may then crack this hash offline in order to successfully login to the server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T18:40:14.000000Z"}, {"uuid": "19db3b9a-35a6-431d-9433-0ebed7764275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36762", "type": "seen", "source": "https://t.me/cibsecurity/27583", "content": "\u203c CVE-2021-36762 \u203c\n\nAn issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd():tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet buffer (if no '\\0' byte exists within a reasonable range).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-19T16:17:53.000000Z"}, {"uuid": "8ff1c748-e019-4d95-80a1-c647bb9c85c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36765", "type": "seen", "source": "https://t.me/cibsecurity/26815", "content": "\u203c CVE-2021-36765 \u203c\n\nIn CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a null pointer dereference in the downloaded vulnerable EtherNet/IP stack that is executed by the CODESYS Control runtime system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T19:24:31.000000Z"}, {"uuid": "ae487119-de42-4fae-b2ca-41d947553208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36764", "type": "seen", "source": "https://t.me/cibsecurity/26813", "content": "\u203c CVE-2021-36764 \u203c\n\nIn CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer Dereference. Crafted communication requests may cause a Null pointer dereference in the affected CODESYS products and may result in a denial-of-service condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T19:24:29.000000Z"}, {"uuid": "9766a5f0-d331-4163-a927-20beb2cf9f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36763", "type": "seen", "source": "https://t.me/cibsecurity/26757", "content": "\u203c CVE-2021-36763 \u203c\n\nIn CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-03T20:28:48.000000Z"}, {"uuid": "30588649-7703-4797-9159-9db0a4a5f0c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36769", "type": "seen", "source": "https://t.me/cibsecurity/26237", "content": "\u203c CVE-2021-36769 \u203c\n\nA reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent a client.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-17T07:28:51.000000Z"}]}