{"vulnerability": "cve-2021-2195", "sightings": [{"uuid": "7027af1f-af73-47c6-aad2-4852e1b85b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21958", "type": "seen", "source": "https://t.me/cibsecurity/37599", "content": "\u203c CVE-2021-21958 \u203c\n\nA heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-16T20:36:27.000000Z"}, {"uuid": "5c144f24-526a-4b39-b24d-4001cd980884", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21957", "type": "seen", "source": "https://t.me/cibsecurity/33650", "content": "\u203c CVE-2021-21957 \u203c\n\nA privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T00:23:55.000000Z"}, {"uuid": "fa2acb38-e7bd-4fec-b65a-cf7dee069a56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21955", "type": "seen", "source": "https://t.me/cibsecurity/33690", "content": "\u203c CVE-2021-21955 \u203c\n\nAn authentication bypass vulnerability exists in the get_aes_key_info_by_packetid() function of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. Generic network sniffing can lead to password recovery. An attacker can sniff network traffic to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T18:23:52.000000Z"}, {"uuid": "a88e005a-4620-400d-a580-ac2386779be6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21951", "type": "seen", "source": "https://t.me/cibsecurity/33647", "content": "\u203c CVE-2021-21951 \u203c\n\nAn out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function read_udp_push_config_file. A specially-crafted network packet can lead to code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T00:23:52.000000Z"}, {"uuid": "b9862964-04e0-4061-a0ce-57f31d12274c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21954", "type": "seen", "source": "https://t.me/cibsecurity/33696", "content": "\u203c CVE-2021-21954 \u203c\n\nA command execution vulnerability exists in the wifi_country_code_update functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to arbitrary command execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T18:24:00.000000Z"}, {"uuid": "8a82a9f2-094b-4253-b2a6-b6bc6ac35c4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21950", "type": "seen", "source": "https://t.me/cibsecurity/33663", "content": "\u203c CVE-2021-21950 \u203c\n\nAn out-of-bounds write vulnerability exists in the CMD_DEVICE_GET_SERVER_LIST_REQUEST functionality of the home_security binary of Anker Eufy Homebase 2 2.1.6.9h in function recv_server_device_response_msg_process. A specially-crafted network packet can lead to code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T00:24:19.000000Z"}]}