{"vulnerability": "cve-2021-27905", "sightings": [{"uuid": "141f8f93-d84a-4090-a4b8-c81975aad9dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27905", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-27905.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "5bc170ba-0674-44f3-8cb5-d209ecd3ffcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27905", "type": "seen", "source": "MISP/db788427-6e26-4d63-9db3-fdbaad1a8912", "content": "", "creation_timestamp": "2024-11-14T06:09:02.000000Z"}, {"uuid": "73715202-7f98-4245-bb78-a204388293dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27905", "type": "published-proof-of-concept", "source": "Telegram/ZHsH8l_PJf6qA-LG3pwKoQfrYnUBM4bmr6171DkIh35gCrQ", "content": "", "creation_timestamp": "2025-10-18T21:00:05.000000Z"}, {"uuid": "883076fd-bc03-480a-897b-5b522a381b3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27905", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/498", "content": "CVE-2021-27905 Apache Solr Replication handler SSRF\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-27905_Apache_Solr_Replication_handler_SSRF%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-22T02:46:56.000000Z"}, {"uuid": "675c496c-9719-433a-962b-083dacf7d741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27905", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3219", "content": "#Analytics\n10 most exploited vulnerabilities of the week (April 19-25)\nCVE-2021-3156 Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-1732 Win kernel 0-day\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-22893 Pulse SecureVPN RCE\nhttps://t.me/cybersecuritytechnologies/3185\nCVE-2021-22204 Improper neutralization of user data in DjVu\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-26415 Win Installer EoP\nhttps://t.me/cybersecuritytechnologies/3186\nCVE-2021-3493 OverlayFS PE\nhttps://t.me/cybersecuritytechnologies/3164\nCVE-2021-26413 Win Installer Spoofing\nhttps://t.me/cybersecuritytechnologies/3176\nCVE-2016-7836 SKYSEA Client View Arbitrary Code Exec\nhttps://www.virusbulletin.com/virusbulletin/2020/05/vb2019-paper-apt-cases-exploiting-vulnerabilities-regionspecific-software\nCVE-2021-27905 Apache Solr SSRF\nhttps://t.me/cybersecuritytechnologies/3213", "creation_timestamp": "2021-04-26T11:02:21.000000Z"}, {"uuid": "d2fa8ab6-5347-4d97-9c85-fe9f640abf7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27905", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3213", "content": "#exploit\nCVE-2021-27905:\nApache Solr SSRF\nhttps://github.com/henry4e36/solr-ssrf", "creation_timestamp": "2022-07-06T05:30:42.000000Z"}, {"uuid": "17174e72-4262-43dd-9976-e09931e72de0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-27905", "type": "published-proof-of-concept", "source": "https://t.me/critical_bug/1488", "content": "\ud83c\udfaf\ud83d\udcbb\ud83d\udd0d SSRF due to CVE-2021-27905 in www.\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\n\n\ud83d\udee1\ufe0f \u0422\u0438\u043f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: Server-Side Request Forgery (SSRF)\n\ud83d\udcb0 \u0411\u0430\u0443\u043d\u0442\u0438: \u041d\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u043e\n\u26a0\ufe0f \u041a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c: \u0421\u0440\u0435\u0434\u043d\u044f\u044f\n\n\ud83d\udd0d \u0410\u043d\u0430\u043b\u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SSRF \u0432 Apache Solr \u0447\u0435\u0440\u0435\u0437 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 \"masterUrl\", \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043a\u0430\u043a CVE-2021-27905. \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f\u043c \u0438\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u0434\u0430\u043d\u043d\u044b\u043c \u0432\u043d\u0443\u0442\u0440\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b \u043f\u043e\u0448\u0430\u0433\u043e\u0432\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u0438 \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442\u044b \u0434\u043b\u044f \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u043a\u043e\u043c\u0430\u043d\u0434\u0435 \u0432\u0435\u0440\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443.\n\n#SSRF #Medium #DoD\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0440\u0435\u043f\u043e\u0440\u0442\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435", "creation_timestamp": "2024-09-17T19:01:14.000000Z"}]}