{"vulnerability": "CVE-2021-3710", "sightings": [{"uuid": "80037caf-39f3-45c1-911a-91fa5832eb92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37103", "type": "seen", "source": "https://t.me/cibsecurity/38136", "content": "\u203c CVE-2021-37103 \u203c\n\nThere is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-25T22:21:26.000000Z"}, {"uuid": "bf61821b-eb93-49b7-b7bf-a080ff590909", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37109", "type": "seen", "source": "https://t.me/cibsecurity/37160", "content": "\u203c CVE-2021-37109 \u203c\n\nThere is a security protection bypass vulnerability with the modem.Successful exploitation of this vulnerability may cause memory protection failure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-10T02:19:21.000000Z"}, {"uuid": "b372ecbb-7721-4d5c-a1d7-17ecf1d6bd71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37100", "type": "seen", "source": "https://t.me/cibsecurity/33492", "content": "\u203c CVE-2021-37100 \u203c\n\nThere is a Improper Authentication vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to account authentication bypassed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T20:22:14.000000Z"}, {"uuid": "08d67719-7a77-49f8-bf04-a398c2398e56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37106", "type": "seen", "source": "https://t.me/cibsecurity/29569", "content": "\u203c CVE-2021-37106 \u203c\n\nThere is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6.5.0 and 8.0.0 when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-28T18:36:00.000000Z"}, {"uuid": "08a29c00-7ce4-4c33-94bc-c441e1e139f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37105", "type": "seen", "source": "https://t.me/cibsecurity/29566", "content": "\u203c CVE-2021-37105 \u203c\n\nThere is an improper file upload control vulnerability in FusionCompute 6.5.0, 6.5.1 and 8.0.0. Due to the improper verification of file to be uploaded and does not strictly restrict the file access path, attackers may upload malicious files to the device, resulting in the service abnormal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-28T18:35:55.000000Z"}, {"uuid": "38e4134a-44a3-45ca-a696-8d7a815cadf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37104", "type": "seen", "source": "https://t.me/cibsecurity/29564", "content": "\u203c CVE-2021-37104 \u203c\n\nThere is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118(C00E116R3P3). This vulnerability is due to insufficient validation of parameters while dealing with some messages. A successful exploit could allow the attacker to gain access to certain resource which the attacker are supposed not to do.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-28T18:35:53.000000Z"}, {"uuid": "f0cd427e-f70c-4176-b74e-6e4722eaffbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37102", "type": "seen", "source": "https://t.me/cibsecurity/32860", "content": "\u203c CVE-2021-37102 \u203c\n\nThere is a command injection vulnerability in CMA service module of FusionCompute product when processing the default certificate file. The software constructs part of a command using external special input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands to the system. Affected product versions include: FusionCompute 6.0.0, 6.3.0, 6.3.1, 6.5.0, 6.5.1, 8.0.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-23T18:21:10.000000Z"}, {"uuid": "06a1e398-c45a-4c23-9ec5-fe593613317a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37101", "type": "seen", "source": "https://t.me/cibsecurity/28593", "content": "\u203c CVE-2021-37101 \u203c\n\nThere is an improper authorization vulnerability in AIS-BW50-00 9.0.6.2(H100SP10C00) and 9.0.6.2(H100SP15C00). Due to improper authorization mangement, an attakcer can exploit this vulnerability by physical accessing the device and implant malicious code. Successfully exploit could leads to arbitrary code execution in the target device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-09T18:29:35.000000Z"}]}