{"vulnerability": "CVE-2022-21877", "sightings": [{"uuid": "b9a04a07-d348-4f44-ba6c-79e69a58cda8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21877", "type": "seen", "source": "https://t.me/arpsyndicate/733", "content": "#ExploitObserverAlert\n\nCVE-2022-21877\n\nDESCRIPTION: Exploit Observer has 7 entries related to CVE-2022-21877. Storage Spaces Controller Information Disclosure Vulnerability.\n\nFIRST-EPSS: 0.000490000\nNVD-IS: 3.6\nNVD-ES: 1.8", "creation_timestamp": "2023-11-29T12:33:21.000000Z"}, {"uuid": "c768a14b-8fbd-4196-b600-1fdc07394f1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21877", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1481", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aa demonstration PoC for CVE-2022-21877 (storage spaces controller memory leak)\nURL\uff1ahttps://github.com/Big5-sec/cve-2022-21877", "creation_timestamp": "2022-02-08T22:55:46.000000Z"}, {"uuid": "1b3f44f4-548a-4060-8ff7-2ca3c8f9aafa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21877", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1713", "content": "#exploit\n1. A Zero-Click RCE Exploit for the Peloton Bike\n(And Also Every Other Unpatched Android Device)\nhttps://www.nowsecure.com/blog/2022/02/09/a-zero-click-rce-exploit-for-the-peloton-bike-and-also-every-other-unpatched-android-device\n\n2. An analysis of CVE-2022-21877\nhttps://big5-sec.github.io/posts/an-analysis-of-cve-2022-21877\n\n3. CVE-2022-20699:\nCisco Anyconnect VPN unauth RCE (rwx stack)\nhttps://github.com/Audiobahn/CVE-2022-20699\n\n@BlueRedTeam", "creation_timestamp": "2022-02-11T17:35:21.000000Z"}, {"uuid": "8ea1dade-5455-478a-89e2-cf5d3b3d51cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21877", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5388", "content": "#exploit\n1. A Zero-Click RCE Exploit for the Peloton Bike\n(And Also Every Other Unpatched Android Device)\nhttps://www.nowsecure.com/blog/2022/02/09/a-zero-click-rce-exploit-for-the-peloton-bike-and-also-every-other-unpatched-android-device\n\n2. An analysis of CVE-2022-21877\nhttps://big5-sec.github.io/posts/an-analysis-of-cve-2022-21877\n\n3. CVE-2022-20699:\nCisco Anyconnect VPN unauth RCE (rwx stack)\nhttps://github.com/Audiobahn/CVE-2022-20699", "creation_timestamp": "2025-01-09T16:27:14.000000Z"}]}