{"vulnerability": "cve-2021-3616", "sightings": [
{"uuid": "3ab56a7e-f171-46af-8797-d4678dfb4b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36161", "type": "seen", "source": "https://t.me/arpsyndicate/3145", "content": "#ExploitObserverAlert\n\nCVE-2021-36161\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2021-36161. Some component in Dubbo will try to print the formatted string of the input arguments, which will possibly cause RCE for a maliciously customized bean with special toString method. In the latest version, we fix the toString call in timeout, cache and some other places. Fixed in Apache Dubbo 2.7.13\n\nFIRST-EPSS: 0.030010000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-28T01:06:42.000000Z"},
{"uuid": "8875b829-65ec-4984-a00f-81ad57a47f4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36160", "type": "seen", "source": "https://gist.github.com/PythonCoderUnicorn/d6b88a20a4dd6922377a44f4d68ccae6", "content": "", "creation_timestamp": "2025-02-14T17:38:04.000000Z"},
{"uuid": "8fe4ffed-f13e-420a-9395-409a47bb3e4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36160", "type": "seen", "source": "Telegram/Hf_SunJuoYNf_bsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ", "content": "", "creation_timestamp": "2024-10-15T10:14:15.000000Z"},
{"uuid": "209c891a-2f36-42fd-9e5c-739cc8a86a32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36163", "type": "seen", "source": "https://t.me/arpsyndicate/3199", "content": "#ExploitObserverAlert\n\nCVE-2021-36163\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2021-36163. In Apache Dubbo, users may choose to use the Hessian protocol. The Hessian protocol is implemented on top of HTTP and passes the body of a POST request directly to a HessianSkeleton: new HessianSkeleton instances are created without any configuration of the serialization factory and therefore without applying the dubbo properties for applying allowed or blocked type lists. In addition, the generic service is always exposed and therefore attackers do not need to figure out a valid service/method name pair. This is fixed in 2.7.13, 2.6.10.1\n\nFIRST-EPSS: 0.319360000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-28T04:14:24.000000Z"},
{"uuid": "29bc6141-d6ec-469c-9374-2d857200dc88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36162", "type": "seen", "source": "https://t.me/arpsyndicate/3178", "content": "#ExploitObserverAlert\n\nCVE-2021-36162\n\nDESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2021-36162. Apache Dubbo supports various rules to support configuration override or traffic routing (called routing in Dubbo). These rules are loaded into the configuration center (eg: Zookeeper, Nacos, ...) and retrieved by the customers when making a request in order to find the right endpoint. When parsing these YAML rules, Dubbo customers will use the SnakeYAML library to load the rules, which by default will enable calling arbitrary constructors. An attacker with access to the configuration center will be able to poison the rule so when retrieved by the consumers, it will get RCE on all of them. This was fixed in Dubbo 2.7.13, 3.0.2\n\nFIRST-EPSS: 0.001650000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2024-01-28T03:13:32.000000Z"},
{"uuid": "1a602a00-5c9c-40fc-873d-ca3670afba5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36166", "type": "seen", "source": "https://t.me/cibsecurity/38268", "content": "\u203c CVE-2021-36166 \u203c\n\nAn improper authentication vulnerability in FortiMail before 7.0.1 may allow a remote attacker to efficiently guess one administrative account's authentication token by means of the observation of certain system's properties.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-01T20:24:23.000000Z"},
{"uuid": "9be8000f-e6bc-403c-a9bb-18851068f482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36169", "type": "seen", "source": "https://t.me/cibsecurity/33836", "content": "\u203c CVE-2021-36169 \u203c\n\nA Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows an attacker to execute unauthorized code or commands via specific hex read/write operations.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-13T16:11:32.000000Z"},
{"uuid": "0fb32e53-e4a9-41b9-972b-cc7435e9cb6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36165", "type": "seen", "source": "https://t.me/cibsecurity/29540", "content": "\u203c CVE-2021-36165 \u203c\n\nRICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by cleartext storage of sensitive information and sends username and password as base64.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-28T14:35:42.000000Z"},
{"uuid": "53b8e437-0dbf-49dd-b900-9acaa3e6dff5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36168", "type": "seen", "source": "https://t.me/cibsecurity/26814", "content": "\u203c CVE-2021-36168 \u203c\n\nAn Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Fortinet FortiPortal 6.x before 6.0.5, FortiPortal 5.3.x before 5.3.6 and any FortiPortal before 6.2.5 allows an authenticated attacker to disclose information via crafted GET request with malicious parameter values.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T19:24:30.000000Z"},
{"uuid": "1c6fe800-0999-4506-a345-518fbc2f36fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3616", "type": "seen", "source": "https://t.me/cibsecurity/27437", "content": "\u203c CVE-2021-3616 \u203c\n\nA vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. This vulnerability is the same as CNVD-2020-68651.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-17T20:15:55.000000Z"},
{"uuid": "b8c828bc-8ab5-4325-bdbc-61fc4ff6b2d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36168", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/4061", "content": "#Threat_Research\n1. Fortinet FortiPortal Vulnerability Disclosures (CVE-2021-32588, CVE-2021-36168)\nhttps://insomniasec.com/blog/fortiportal-disclosures\n2. Modify in-flight data to payment provider Smart2Pay\nhttps://hackerone.com/reports/1295844", "creation_timestamp": "2021-08-14T13:25:01.000000Z"},
{"uuid": "a7b8904f-ac05-413c-b2d1-eeeecc132809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36160", "type": "seen", "source": "https://t.me/cibsecurity/28987", "content": "\u203c CVE-2021-36160 \u203c\n\nA carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-16T18:22:48.000000Z"}]}
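The SnakeYAML behaviour behind the CVE-2021-36162 sighting above (a YAML rule fetched from the configuration centre, loaded with a parser that "by default will enable calling arbitrary constructors"), shown as an added illustration that is not part of this feed, of the quoted Telegram post, or of Dubbo's own code. It assumes SnakeYAML 1.x (for example snakeyaml-1.33.jar) on the classpath; the rule document, the `RuleLoadDemo` class and its `loadUnsafe`/`loadSafe` methods are constructed for the demo, and `java.io.File` stands in for whatever class an attacker would actually name in the `!!` tag.

```java
import org.yaml.snakeyaml.Yaml;
import org.yaml.snakeyaml.constructor.ConstructorException;
import org.yaml.snakeyaml.constructor.SafeConstructor;

// Added illustration of the bug class described for CVE-2021-36162; not Dubbo's code.
// Assumes SnakeYAML 1.x (e.g. snakeyaml-1.33.jar) on the classpath.
public class RuleLoadDemo {

    // Constructed sample: a routing-style rule as someone with write access to the
    // configuration centre could store it. The "!!" tag asks the loader to call the
    // constructor of the named class with the listed arguments; java.io.File is a
    // harmless stand-in for the gadget classes a real attacker would name.
    static final String POISONED_RULE =
        "scope: application\n" +
        "key: demo-app\n" +
        "enabled: true\n" +
        "conditions: !!java.io.File [\"/tmp/attacker-controlled\"]\n";

    // Vulnerable pattern: the default Yaml() uses the full Constructor, which resolves
    // any !!fully.qualified.Class tag and instantiates it while parsing.
    static Object loadUnsafe(String rule) {
        return new Yaml().load(rule);
    }

    // Hardened pattern: SafeConstructor only builds standard YAML types (maps, lists,
    // scalars) and throws on tags naming arbitrary Java classes.
    static Object loadSafe(String rule) {
        return new Yaml(new SafeConstructor()).load(rule);
    }

    public static void main(String[] args) {
        java.util.Map<?, ?> unsafe = (java.util.Map<?, ?>) loadUnsafe(POISONED_RULE);
        // With the default loader "conditions" is now a java.io.File: a constructor the
        // application never intended to call ran during parsing.
        System.out.println("default Yaml(): conditions is a "
            + unsafe.get("conditions").getClass().getName());

        try {
            loadSafe(POISONED_RULE);
            System.out.println("SafeConstructor: unexpectedly accepted the rule");
        } catch (ConstructorException e) {
            // Expected: "could not determine a constructor for the tag tag:yaml.org,2002:java.io.File"
            System.out.println("SafeConstructor rejected the tag: " + e.getMessage());
        }
    }
}
```

Compile and run with the SnakeYAML jar on the classpath (`javac -cp snakeyaml-1.33.jar RuleLoadDemo.java && java -cp .:snakeyaml-1.33.jar RuleLoadDemo`). The point for a reviewer is the constructor passed to `Yaml`: any code path that feeds attacker-reachable YAML (here, rules pulled from Zookeeper or Nacos) into a bare `new Yaml()` has the same exposure regardless of which gadget class is eventually chosen, and switching to `SafeConstructor` (or a `Constructor` restricted to the expected rule class) is the check to apply.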