{"vulnerability": "cve-2021-3811", "sightings": [{"uuid": "c0ca5b70-9931-46b8-84a7-651ce76b8b67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38112", "type": "published-proof-of-concept", "source": "https://t.me/cloud_sec/203", "content": "\ud83d\udd36 CVE-2021-38112: AWS WorkSpaces Remote Code Execution\n\nA vulnerability in the AWS WorkSpaces desktop client (CVE-2021-38112), which allows commands to be executed if a victim opens a malicious WorkSpaces URI from their browser.\n\nhttps://rhinosecuritylabs.com/aws/cve-2021-38112-aws-workspaces-rce/\n\n#aws", "creation_timestamp": "2021-09-27T06:31:36.000000Z"}, {"uuid": "92a023bd-5764-4206-b5f5-800f151f4ae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3811", "type": "seen", "source": "https://t.me/cibsecurity/29034", "content": "\u203c CVE-2021-3811 \u203c\n\nadminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-17T12:23:31.000000Z"}, {"uuid": "cd2f4ecc-5b9a-4852-80b5-f4c4d2708823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38112", "type": "seen", "source": "https://t.me/information_security_channel/45320", "content": "Remote Code Execution Vulnerability Found in AWS WorkSpaces\nhttp://feedproxy.google.com/~r/securityweek/~3/yPzIUfA2pFw/remote-code-execution-vulnerability-found-aws-workspaces\n\nRhino Security Labs researchers have identified a vulnerability in the AWS WorkSpaces desktop client that could allow an attacker to execute arbitrary code remotely.\nTracked as CVE-2021-38112, the security bug could be triggered when the user opens a malicious WorkSpaces URI from the browser, allowing a remote attacker to execute arbitrary code on the vulnerable system.\nread more (https://www.securityweek.com/remote-code-execution-vulnerability-found-aws-workspaces)", "creation_timestamp": "2021-09-22T18:22:12.000000Z"}, {"uuid": "e3f135c4-6335-44b0-b5e2-1f6c446450d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38115", "type": "seen", "source": "https://t.me/cibsecurity/26863", "content": "\u203c CVE-2021-38115 \u203c\n\nread_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-05T01:23:45.000000Z"}, {"uuid": "9de38d50-8533-4c8b-a2db-397d3321a4cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38114", "type": "seen", "source": "https://t.me/cibsecurity/26862", "content": "\u203c CVE-2021-38114 \u203c\n\nlibavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-05T01:23:44.000000Z"}, {"uuid": "e2b79cec-019f-4cb5-81ca-c4b137f450d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38113", "type": "seen", "source": "https://t.me/cibsecurity/26857", "content": "\u203c CVE-2021-38113 \u203c\n\nIn addBouquet in js/bqe.js in OpenWebif (aka e2openplugin-OpenWebif) through 1.4.7, inserting JavaScript into the Add Bouquet feature of the Bouquet Editor (i.e., bouqueteditor/api/addbouquet?name=) leads to Stored XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T23:23:56.000000Z"}, {"uuid": "5a4ed9b9-846d-4b19-bceb-fbee2a9464ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38111", "type": "seen", "source": "https://t.me/cibsecurity/26852", "content": "\u203c CVE-2021-38111 \u203c\n\nThe DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI (Near Field Magnetic Induction) protocol.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T23:23:48.000000Z"}, {"uuid": "bcbce104-1650-4afd-a717-4954c978701a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38112", "type": "seen", "source": "https://t.me/cibsecurity/29211", "content": "\u203c CVE-2021-38112 \u203c\n\nIn the Amazon AWS WorkSpaces client before 3.1.9 on Windows, argument injection in the workspaces:// URI handler can lead to remote code execution because of the Chromium Embedded Framework (CEF) --gpu-launcher argument.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-22T07:28:28.000000Z"}, {"uuid": "e10186b3-6523-4d90-8e3b-c7b733e1b8c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38112", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/4416", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Sep 1-30)\nCVE-2021-40444 - Microsoft MSHTML RCE\nhttps://t.me/cybersecuritytechnologies/4276\nCVE-2021-26084 - Confluence Server Webwork OGNL Inj\nhttps://t.me/cybersecuritytechnologies/4202\nCVE-2021-22005 - vCenter Server contains - arbitrary file upload\nhttps://t.me/cybersecuritytechnologies/4401\nCVE-2021-30860 - Zero-Click iPhone Exploit\nhttps://t.me/cybersecuritytechnologies/4318\nCVE-2021-38647 - OMIGOD RCE Vuln in Multiple Azure Linux Deployments\nhttps://t.me/cybersecuritytechnologies/4315\nCVE-2021-30632 - Out of bounds write in V8\nhttps://t.me/cybersecuritytechnologies/4342\nCVE-2021-33035 - Code Execution in Apache OpenOffice\nhttps://t.me/cybersecuritytechnologies/4329\nCVE-2021-38112 - AWS WorkSpaces Desktop Client RCE\nhttps://t.me/cybersecuritytechnologies/4358\nCVE-2021-30740 / CVE-2021-30768 - A malicious application may be able to execute arbitrary code with kernel privileges\nhttps://mobile.twitter.com/infinityABCDE/status/1437596340222038017", "creation_timestamp": "2021-10-01T11:01:01.000000Z"}, {"uuid": "ee74fd48-b8ff-4537-9cc5-e5f7fb1ca34f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38112", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4358", "content": "#Cloud_Security\nCVE-2021-38112:\nAWS WorkSpaces Desktop Client RCE\nhttps://rhinosecuritylabs.com/aws/cve-2021-38112-aws-workspaces-rce", "creation_timestamp": "2021-09-23T11:07:01.000000Z"}]}