{"vulnerability": "cve-2021-3791", "sightings": [{"uuid": "687e801e-55e4-45d6-b1f6-e6c693ca33f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37912", "type": "seen", "source": "https://t.me/cibsecurity/28936", "content": "\u203c CVE-2021-37912 \u203c\n\nThe HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T22:22:04.000000Z"}, {"uuid": "416518cc-ca2c-45ba-8b59-6d618e8c7004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37910", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/2706", "content": "STEP2: Pick the attack module you wish      1) Frames detected at the moment of connectivity disruption, one-by-one\n    2) Sequence of frames till the moment a disruption was detected (BETA)\n  STEP3: The first mode of DoS802.11, tests all the frames that the fuzzer detected up to that moment. It is a second hand filtering to separate the true positive from the false positive frames. In case  a frame is positive, i.e., causes a DoS to the associated STA, an exploit is being produced automatically.\n  STEP4: DoS802.11 exits when the log files have been considered.  **The rest to modules are currently in BETA mode.  Vulnerabilities  So far, the fuzzer managed to identify the following CVE IDs, by exploiting different Management frames:      CVE IDs  Vulnerable Devices/Chipsets  WPA2/WPA3-SAE  Status  Score      CVE-2022-32654 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32654)  mt5221/mt7603/mt7613\nmt7615/mt7622/mt7628\nmt7629/mt7663/mt7668\nmt7682/mt7686/mt7687\nmt7697/mt7902/mt7915\nmt7916/mt7921/mt7933\nmt7981/mt7986/mt8167S\nmt8175/mt8362A/mt8365\nmt8385/mt8518S/mt8532\nmt8695/mt8696/mt8788  Both  Published  6.7 (Medium)      CVE-2022-32655 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32655)  mt5221/mt7603/mt7613\nmt7615/mt7622/mt7628\nmt7629/mt7663/mt7668\nmt7682/mt7686/mt7687\nmt7697/mt7902/mt7915\nmt7916/mt7921/mt7933\nmt7981/mt7986/mt8167S\nmt8175/mt8362A/mt8365\nmt8385/mt8518S/mt8532\nmt8695/mt8696/mt8788  Both  Published  6.7 (Medium)      CVE-2022-32656 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32656)  mt5221/mt7603/mt7613\nmt7615/mt7622/mt7628\nmt7629/mt7663/mt7668\nmt7682/mt7686/mt7687\nmt7697/mt7902/mt7915\nmt7916/mt7921/mt7933\nmt7981/mt7986/mt8167S\nmt8175/mt8362A/mt8365\nmt8385/mt8518S/mt8532\nmt8695/mt8696/mt8788  Both  Published  6.7 (Medium)      CVE-2022-32657 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32657)  mt7603/mt7613/mt7615\nmt7622/mt7628/mt7629\nmt7915/mt7916/mt7981\nmt7986  Both  Published  6.7 (Medium)      CVE-2022-32658 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32658)  mt7603/mt7613/mt7615\nmt7622/mt7628/mt7629\nmt7915/mt7916/mt7981\nmt7986  Both  Published  6.7 (Medium)      CVE-2022-32659 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32659)  mt7603/mt7613/mt7615\nmt7622/mt7628/mt7629\nmt7915/mt7916/mt7981\nmt7986/mt8518s/mt8532  Both  Published  6.7 (Medium)      CVE-2022-46740 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46740)  WS7100-20  Both  Published  6.5 (Medium)      We would like also to thank the MediaTek and Huawei security teams, for acknowledging and fixing these security issues, as stated in the following two security advisories: MediaTek (https://corp.mediatek.com/product-security-acknowledgements) and Huawei (https://www.huawei.com/en/psirt/security-advisories/2022/huawei-sa-dosvihswr-8f632df1-en).  Moreover, by following the methodology of the work titled \"How is your Wi-Fi connection today? DoS attacks on WPA3-SAE\" (https://www.sciencedirect.com/science/article/pii/S221421262100243X), the fuzzer can identify the same SAE vulnerabilities (https://www.kitploit.com/search/label/vulnerabilities) which are linked to the below CVE IDs:      CVE IDs  Vulnerable Devices/Chipsets  WPA2/WPA3-SAE  Status  Score      CVE-2021-37910 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37910)  All ASUS RX-based models  WPA3-SAE  Published  5.3 (medium)      CVE-2021-40288 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40288)  AX10v1  WPA3-SAE  Published  7.5 (high)      CVE-2021-41753 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41753)  DIR-x1560/DIR-X6060  WPA3-SAE  Published  7.5 (high)      CVE-2021-41788 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41788)  mt7603E/mt7612/mt7613\nmt7615/mt7622/mt7628", "creation_timestamp": "2023-07-10T13:19:09.000000Z"}, {"uuid": "73431077-f5aa-43ab-a2e0-c269c76cfee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37916", "type": "seen", "source": "https://t.me/cibsecurity/26728", "content": "\u203c CVE-2021-37916 \u203c\n\nJoplin before 2.0.9 allows XSS via button and form in the note body.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-03T07:27:46.000000Z"}, {"uuid": "b28fa208-8e7f-4e3a-a8a3-dcae1bbd4d56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3791", "type": "seen", "source": "https://t.me/cibsecurity/32345", "content": "\u203c CVE-2021-3791 \u203c\n\nAn information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an unauthenticated attacker on the same subnet to download an encrypted log file containing sensitive information such as WiFi SSID and password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-13T00:39:32.000000Z"}, {"uuid": "53295644-7dd4-4c41-b55a-ff23de70c0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37913", "type": "seen", "source": "https://t.me/cibsecurity/28942", "content": "\u203c CVE-2021-37913 \u203c\n\nThe HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T22:22:14.000000Z"}, {"uuid": "0c72a6e9-1362-4b28-8964-cf83030ebc0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37919", "type": "seen", "source": "https://t.me/cibsecurity/30176", "content": "\u203c CVE-2021-37919 \u203c\n\nZoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-07T20:33:55.000000Z"}, {"uuid": "4d2233f6-c6d2-486d-b8b0-5f4506434902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37918", "type": "seen", "source": "https://t.me/cibsecurity/30192", "content": "\u203c CVE-2021-37918 \u203c\n\nZoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-07T20:34:16.000000Z"}, {"uuid": "202fa776-d550-4e3b-9a9d-6697b24813dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37911", "type": "seen", "source": "https://t.me/cibsecurity/28005", "content": "\u203c CVE-2021-37911 \u203c\n\nThe management interface of BenQ smart wireless conference projector does not properly control user's privilege. Attackers can access any system directory of this device through the interface and execute arbitrary commands if he enters the local subnetwork.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-30T18:32:23.000000Z"}, {"uuid": "1c02abe4-2672-4d60-b09a-4ce5adc75e69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37914", "type": "seen", "source": "https://t.me/cibsecurity/26726", "content": "\u203c CVE-2021-37914 \u203c\n\nIn Argo Workflows through 3.1.3, if EXPRESSION_TEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow because expression template output is evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-03T07:27:44.000000Z"}, {"uuid": "d7e558db-51de-4494-932c-37925396a8a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37915", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4614", "content": "#exploit\n1. Exploiting Grandstream HT801 ATA\n(CVE-2021-37748, CVE-2021-37915)\nhttps://www.secforce.com/blog/exploiting-grandstream-ht801-ata-cve-2021-37748-cve-2021-37915\n]-> PoC: https://github.com/SECFORCE/CVE-2021-37748\n\n2. Finding An Unauthenticated RCE in MovableType (CVE-2021-20837)\nhttps://nemesis.sh/posts/movable-type-0day\n]-> PoC: https://github.com/ghost-nemesis/cve-2021-20837-poc", "creation_timestamp": "2024-08-05T18:55:24.000000Z"}]}