{"vulnerability": "cve-2021-4344", "sightings": [{"uuid": "f9159a06-841e-4190-8bf7-011fc64380de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43446", "type": "seen", "source": "https://t.me/cvedetector/5139", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-50883 - ONLYOFFICE Docs Sandbox Escape Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-50883 \nPublished : Sept. 9, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : ONLYOFFICE Docs before 8.0.1 allows XSS because a macro is an immediately-invoked function expression (IIFE), and therefore a sandbox escape is possible by directly calling the constructor of the Function object. NOTE: this issue exists because of an incorrect fix for CVE-2021-43446. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-09T23:10:47.000000Z"}, {"uuid": "f58d5b36-3f9e-4f81-a946-8e180ebe338f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43444", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10133", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-43444\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key.\n\ud83d\udccf Published: 2023-01-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-02T16:06:02.583Z\n\ud83d\udd17 References:\n1. https://github.com/ONLYOFFICE/server\n2. https://www.onlyoffice.com/\n3. https://labs.nettitude.com/blog/exploiting-onlyoffice-web-sockets-for-unauthenticated-remote-code-execution/", "creation_timestamp": "2025-04-02T16:35:18.000000Z"}, {"uuid": "26d44663-4cb9-45e2-8eb3-82ac1a108798", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43446", "type": "seen", "source": "https://t.me/cvedetector/5134", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44085 - ONLYOFFICE Docs Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-44085 \nPublished : Sept. 9, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : ONLYOFFICE Docs before 8.1.0 allows XSS via a GeneratorFunction Object attack against a macro. This is related to use of an immediately-invoked function expression (IIFE) for a macro. NOTE: this issue exists because of an incorrect fix for CVE-2021-43446 and CVE-2023-50883. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-09T23:10:40.000000Z"}, {"uuid": "7cf88576-1e30-4fe8-8bb9-6509ef208a9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43444", "type": "seen", "source": "https://t.me/crackcodes/1807", "content": "\ud83d\udd25CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated RCE.", "creation_timestamp": "2022-12-16T14:45:14.000000Z"}, {"uuid": "173a95bb-e97e-40ec-bb99-1c61a81585d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43444", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/631", "content": "CVE-2021-43444 To 43449 : Exploiting ONLYOFFICE Web Sockets for Unauthenticated Remote Code Execution\nhttps://labs.nettitude.com/blog/exploiting-onlyoffice-web-sockets-for-unauthenticated-remote-code-execution", "creation_timestamp": "2022-12-19T21:29:02.000000Z"}, {"uuid": "e715cb79-0fd8-460f-9011-502f6425910a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43445", "type": "seen", "source": "https://t.me/cibsecurity/56837", "content": "\u203c CVE-2021-43445 \u203c\n\nONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An attacker can authenticate with the web socket service of the ONLYOFFICE document editor which is protected by JWT auth by using a default JWT signing key.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-23T18:25:06.000000Z"}, {"uuid": "f7f7ec51-31c6-43fe-a4a3-c6d9b08db0df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43444", "type": "seen", "source": "https://t.me/crackcodes/1802", "content": "#exploit\n1. CVE-2022-42895:\nLinux Kernel: Infoleak in Bluetooth L2CAP Handling\nhttps://seclists.org/oss-sec/2022/q4/190\n\n2. CVE-2021-43444 - 43449:\nExploiting ONLYOFFICE Web Sockets for Unauth RCE\nhttps://labs.nettitude.com/blog/exploiting-onlyoffice-web-sockets-for-unauthenticated-remote-code-execution\n\n3. Exploiting SUID Binaries\nhttps://medium.com/@tinopreter/linux-privesc-3-exploiting-suid-binaries-72ec5460c6a", "creation_timestamp": "2022-12-16T14:10:01.000000Z"}, {"uuid": "251ca068-6543-4142-a9f3-5bb6cbebc60a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43444", "type": "seen", "source": "https://t.me/cibsecurity/56843", "content": "\u203c CVE-2021-43444 \u203c\n\nONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document download URLs can be forged due to a weak default URL signing key.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-23T18:25:14.000000Z"}, {"uuid": "51fd6e21-ea1c-49e1-a63b-c5ab207d605a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43442", "type": "seen", "source": "https://t.me/cibsecurity/40494", "content": "\u203c CVE-2021-43442 \u203c\n\nA Logic Flaw vulnerability exists in i3 International Inc Annexxus Camera V5.2.0 build 150317 (Ax46), V5.0.9 build 151106 (Ax68), and V5.0.9 build 150615 (Ax78) due to a failure to allow the creation of more than one administrator account; however, this can be bypassed by parameter maniulation using PUT and DELETE and by calling the 'UserPermission' endpoint with the ID of created account and set it to 'admin' userType, successfully adding a second administrative account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-11T22:16:10.000000Z"}, {"uuid": "cbc54e72-702c-4464-bf33-56c940eeb56b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43440", "type": "seen", "source": "https://t.me/cibsecurity/34299", "content": "\u203c CVE-2021-43440 \u203c\n\nMultiple Stored XSS Vulnerabilities in the Source Code of iOrder 1.0 allow remote attackers to execute arbitrary code via signup form in the Name and Phone number field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-20T22:41:17.000000Z"}, {"uuid": "7afa4800-983a-48b6-b5e1-7216546c3b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43441", "type": "seen", "source": "https://t.me/cibsecurity/34295", "content": "\u203c CVE-2021-43441 \u203c\n\nAn HTML Injection Vulnerability in iOrder 1.0 allows the remote attacker to execute Malicious HTML codes via the signup form\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-20T22:41:11.000000Z"}, {"uuid": "ffd3a4a4-33cd-44ec-9d39-10bb07863a81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43444", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/6822", "content": "CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated Remote Code Execution\n\nhttps://labs.nettitude.com/blog/exploiting-onlyoffice-web-sockets-for-unauthenticated-remote-code-execution/", "creation_timestamp": "2022-12-19T09:50:22.000000Z"}, {"uuid": "3af89253-0d06-4401-ba41-736a34970769", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43444", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7367", "content": "#exploit\n1. CVE-2022-42895:\nLinux Kernel: Infoleak in Bluetooth L2CAP Handling\nhttps://seclists.org/oss-sec/2022/q4/190\n\n2. CVE-2021-43444 - 43449:\nExploiting ONLYOFFICE Web Sockets for Unauth RCE\nhttps://labs.nettitude.com/blog/exploiting-onlyoffice-web-sockets-for-unauthenticated-remote-code-execution\n]-> https://xz.aliyun.com/t/12008\n\n3. Exploiting SUID Binaries\nhttps://medium.com/@tinopreter/linux-privesc-3-exploiting-suid-binaries-72ec5460c6a", "creation_timestamp": "2023-01-06T08:58:07.000000Z"}]}