{"vulnerability": "CVE-2021-44529", "sightings": [{"uuid": "0c2b09c4-343f-4db0-8a0b-acd0569c4c41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-03-25T18:10:03.000000Z"}, {"uuid": "bc2dd16b-dd79-430d-9472-4b429a82355d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-44529.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "57d85c0c-f321-4b31-bffe-2091c99ae280", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "f64ac159-8b0c-4b4d-bc37-a635c4fa44fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ivanti_csa_unauth_rce_cve_2021_44529.rb", "content": "", "creation_timestamp": "2023-01-17T19:33:02.000000Z"}, {"uuid": "141e63e2-a376-4532-925b-f55696bd42a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:41.000000Z"}, {"uuid": "0c091729-1af0-48cc-9e9e-071ec9b4cad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:53.000000Z"}, {"uuid": "1e55a688-d154-421e-8dd7-3a85bc77a8a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:12.000000Z"}, {"uuid": "56c79ece-d1a8-4509-819f-fa06b917cc18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1962", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1a\u4ee3\u7801\u6ce8\u5165\n\u63cf\u8ff0\uff1aCVE-2021-44529 Ivanti EPM \u4e91\u670d\u52a1\u8bbe\u5907 (CSA) \u4e2d\u7684\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\u5141\u8bb8\u672a\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u7528\u6237\u4ee5\u6709\u9650\u7684\u6743\u9650\uff08nobody\uff09\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\nURL\uff1ahttps://github.com/jax7sec/CVE-2021-44529\n\n\u6807\u7b7e\uff1a#\u4ee3\u7801\u6ce8\u5165", "creation_timestamp": "2022-04-16T15:24:17.000000Z"}, {"uuid": "1f1d245b-7484-47be-b6cb-2939625b551c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-44529", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/310c8510-0ddf-4906-8633-76e220a394dd", "content": "", "creation_timestamp": "2026-02-02T12:26:39.903783Z"}, {"uuid": "bdf11a59-ea3e-4550-a42d-5418d81a544c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "exploited", "source": "Telegram/qEB3cQjn89-Wp0e5IcB9U1WByFHdUfbB2SjNxLmQQweLTVo", "content": "", "creation_timestamp": "2024-03-26T07:18:45.000000Z"}, {"uuid": "7166074a-1e02-4d81-89d1-d6e330cf464a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "seen", "source": "https://t.me/poxek/2655", "content": "CVE-2021-44529\nIvanti EPM Cloud Services Appliance (CSA) RCE\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 Ivanti EPM Cloud Services Appliance (CSA) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 (nobody).\n\n#CVE #POC", "creation_timestamp": "2023-01-13T11:04:04.000000Z"}, {"uuid": "937dfb93-26c3-4e2a-865d-700db91db236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "exploited", "source": "Telegram/Mngct84mCz7lSDx0uk4uMuQLf745FDPXeRIP1hndScImTw", "content": "", "creation_timestamp": "2024-03-26T07:20:50.000000Z"}, {"uuid": "ad1d0242-6935-40b9-86c0-0a59a873b185", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "exploited", "source": "Telegram/lvSx9mMlLtFKi8E1bKG9QE8-DBE32mfFsPXZxFV-Ra_jPg", "content": "", "creation_timestamp": "2024-03-26T07:53:45.000000Z"}, {"uuid": "b3ff2116-d7e0-49c1-b87f-d9f7411f1725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/4411", "content": "The Hacker News\nCISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\nThe vulnerabilities added are as follows -\n\nCVE-2023-48788 (CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability\nCVE-2021-44529 (CVSS score: 9.8) - Ivanti", "creation_timestamp": "2024-03-26T07:20:51.000000Z"}, {"uuid": "6409dc2e-f5e8-40f6-b712-8cf15ac10361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/816", "content": "The Hacker News\nCISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\nThe vulnerabilities added are as follows -\n\nCVE-2023-48788 (CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability\nCVE-2021-44529 (CVSS score: 9.8) - Ivanti", "creation_timestamp": "2024-03-26T07:20:51.000000Z"}, {"uuid": "d9c61187-2149-40aa-a48d-8f7c9877ac68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "seen", "source": "https://t.me/true_secator/5429", "content": "\u0412\u043e\u043e\u0431\u0449\u0435 \u043d\u0435\u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u0443 Ivanti \u0442\u0430\u043a\u0430\u044f \u0447\u0435\u0445\u0430\u0440\u0434\u0430 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438.\n\n\u041a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 GreyNoise, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Ivanti \u0432 2021 \u0433\u043e\u0434\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0431\u044b\u043b\u0430 \u043f\u0440\u0435\u0434\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u043c \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c \u0432 PHP-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043e\u0442 \u0430\u0442\u0430\u043a \u0441 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u043e\u0439 \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 - csrf-magic.\n\n\u041f\u0440\u0438\u0447\u0435\u043c, \u0434\u0430\u0436\u0435 \u0442\u043e\u0433\u0434\u0430, \u043a\u043e\u0433\u0434\u0430 \u0431\u044d\u043a\u0434\u043e\u0440 \u0431\u044b\u043b \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442 \u0432 2016 \u0433\u043e\u0434\u0443, Ivanti \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 \u0434\u043b\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 EPM Cloud Services Appliance (CSA).\n\n\u0418 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u0437\u0436\u0435 Ivanti \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 (CVE-2021-44529), \u0432\u043e\u0432\u0441\u0435 \u043d\u0435 \u043e\u0431\u0440\u0430\u0449\u0430\u044f \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u043d\u0438\u0447\u0435\u043c \u0434\u0440\u0443\u0433\u0438\u043c, \u043a\u0430\u043a \u0431\u044d\u043a\u0434\u043e\u0440\u043e\u043c.\n\n\u0421\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u0438\u043c\u0435\u043d\u043d\u043e \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u0434\u0438\u043d \u0438\u0437 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043a\u043e\u043c\u0443 \u0435\u0449\u0435 \u0440\u0430\u043d\u0435\u0435 \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u0442\u044c\u0441\u044f \u0441 CVE-2021-44529, \u0437\u0430\u0434\u0430\u043b\u0441\u044f \u0432\u043e\u043f\u0440\u043e\u0441\u043e\u043c: \u041f\u043e\u0447\u0435\u043c\u0443 \u044d\u0442\u043e \u0431\u044b\u043b\u043e \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u043a\u043e\u0434?\u00a0\u041d\u0435 \u0443\u0431\u0440\u0430\u043d\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u043b\u0438, \u0447\u0442\u043e \u0431\u043e\u043b\u0435\u0435 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u043b\u0430\u0437\u0435\u0439\u043a\u0430 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c?", "creation_timestamp": "2024-02-19T15:49:10.000000Z"}, {"uuid": "c31c91ed-f080-4514-bcf9-9f2ebad2d0a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "exploited", "source": "https://t.me/KomunitiSiber/1688", "content": "CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products\nhttps://thehackernews.com/2024/03/cisa-alerts-on-active-exploitation-of.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday\u00a0placed\u00a0three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\nThe vulnerabilities added are as follows -\n\nCVE-2023-48788\u00a0(CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability\nCVE-2021-44529\u00a0(CVSS score: 9.8) - Ivanti", "creation_timestamp": "2024-03-26T07:46:39.000000Z"}, {"uuid": "83374cc4-6c61-4923-8f44-c6c99adac3a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "seen", "source": "https://t.me/ctinow/189779", "content": "https://ift.tt/IjA5cx3\nCode Injection Or Backdoor: A New Look At Ivanti's CVE-2021-44529", "creation_timestamp": "2024-02-21T17:08:53.000000Z"}, {"uuid": "47229f6f-637d-4041-920e-2867498b182a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44529", "type": "seen", "source": "https://t.me/cibsecurity/33664", "content": "\u203c CVE-2021-44529 \u203c\n\nA code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code with limited permissions (nobody).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T00:24:21.000000Z"}]}