{"vulnerability": "cve-2021-3454", "sightings": [{"uuid": "e1af84bd-511c-4446-8c1a-b4c9332b34e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34543", "type": "seen", "source": "https://t.me/cibsecurity/33527", "content": "\u203c CVE-2021-34543 \u203c\n\nThe web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-08T00:23:03.000000Z"}, {"uuid": "bb0ddf6d-7362-4e99-83d3-75a3c7da2889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34544", "type": "seen", "source": "https://t.me/cibsecurity/33526", "content": "\u203c CVE-2021-34544 \u203c\n\nAn issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, cleartext passwords are stored. This may allow sensitive information to be read by someone with access to the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-08T00:22:59.000000Z"}, {"uuid": "9d4532b5-193d-4b9e-b0a2-b89d35fb1a5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34546", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/645", "content": "CVE-2021-34546 NetSetManPro 4.7.2 \u6b0a\u9650\u63d0\u5347\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-34546_NetSetManPro_4.7.2_%E6%AC%8A%E9%99%90%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-06-13T01:42:48.000000Z"}, {"uuid": "e21baf99-922a-4ddf-97db-04f1b1fc094c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3454", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/30847", "content": "\u203c CVE-2021-3454 \u203c\n\nTruncated L2CAP K-frame causes assertion failure. Zephyr versions >= 2.4.0, >= v.2.50 contain Improper Handling of Length Parameter Inconsistency (CWE-130), Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-20T02:33:34.000000Z"}, {"uuid": "af2d8b05-c48e-4fa3-8caf-0d054cf37680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34548", "type": "seen", "source": "https://t.me/cibsecurity/25776", "content": "\u203c CVE-2021-34548 \u203c\n\nAn issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-003. An attacker can forge RELAY_END or RELAY_RESOLVED to bypass the intended access control for ending a stream.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-29T14:28:43.000000Z"}]}