{"vulnerability": "CVE-2021-2291", "sightings": [{"uuid": "4790b565-ffa3-4c2f-b354-b38b177c5c7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-22911.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "53b9f866-4ed3-4b5f-81b1-017cc2e431dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "exploited", "source": "https://www.exploit-db.com/exploits/49960", "content": "", "creation_timestamp": "2021-06-07T00:00:00.000000Z"}, {"uuid": "954c3ad9-53f0-4903-9ebd-bfe337ec3313", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "exploited", "source": "https://www.exploit-db.com/exploits/50108", "content": "", "creation_timestamp": "2021-07-07T00:00:00.000000Z"}, {"uuid": "9b011ee4-142e-4185-aabe-a305143e55bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "seen", "source": "MISP/0443cb24-eaae-4a12-8f65-c0d31cce8640", "content": "", "creation_timestamp": "2024-11-14T06:09:06.000000Z"}, {"uuid": "c1c37b2f-de36-4cba-9bd7-497c934fbdc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "aa88cbac-e7a6-442b-8d96-2df16eb20f76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-27)", "content": "", "creation_timestamp": "2025-02-27T00:00:00.000000Z"}, {"uuid": "e24457a1-53cc-412e-aa00-7ec5d27fa32f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-26)", "content": "", "creation_timestamp": "2025-02-26T00:00:00.000000Z"}, {"uuid": "8a89ca94-7038-47dc-b5a2-b190865d62da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-03)", "content": "", "creation_timestamp": "2025-10-03T00:00:00.000000Z"}, {"uuid": "6ad50e69-1d27-47a6-b615-10e1b125f1b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-18)", "content": "", "creation_timestamp": "2025-02-18T00:00:00.000000Z"}, {"uuid": "bd6788d0-52cb-4d60-a57b-b542bfca7935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-18)", "content": "", "creation_timestamp": "2025-02-18T00:00:00.000000Z"}, {"uuid": "d6979f6b-d791-44ca-8f4c-7a1678f7113c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-17)", "content": "", "creation_timestamp": "2025-03-17T00:00:00.000000Z"}, {"uuid": "527acbdc-00d2-4b94-9c3e-297f70b1001d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-16)", "content": "", "creation_timestamp": "2025-08-16T00:00:00.000000Z"}, {"uuid": "6620cb51-0995-468a-8c03-ad8677a11f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-14)", "content": "", "creation_timestamp": "2025-08-14T00:00:00.000000Z"}, {"uuid": "f1669048-c4de-41b8-9f08-d8dbc9fb9d79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-08)", "content": "", "creation_timestamp": "2025-12-08T00:00:00.000000Z"}, {"uuid": "62a3a181-746b-40e4-9ca2-8e824cdb372d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-03)", "content": "", "creation_timestamp": "2025-10-03T00:00:00.000000Z"}, {"uuid": "32297a1b-b8cb-458e-b1a0-782cd1ae0e12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22916", "type": "seen", "source": "https://gist.github.com/Darkcrai86/07be988367e9ec18e05787b18a43e1f5", "content": "", "creation_timestamp": "2025-09-03T08:33:55.000000Z"}, {"uuid": "1802a3a8-c72a-4874-b1c0-8d1bd6cfc4e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22915", "type": "seen", "source": "https://gist.github.com/Darkcrai86/07be988367e9ec18e05787b18a43e1f5", "content": "", "creation_timestamp": "2025-09-03T08:33:55.000000Z"}, {"uuid": "d3668ab9-881a-4c3b-a482-50d87aeba4fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22917", "type": "seen", "source": "https://gist.github.com/Darkcrai86/07be988367e9ec18e05787b18a43e1f5", "content": "", "creation_timestamp": "2025-09-03T08:33:55.000000Z"}, {"uuid": "a6e1b5ad-d0b4-4269-b7db-2136a25e610a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-22)", "content": "", "creation_timestamp": "2026-02-22T00:00:00.000000Z"}, {"uuid": "27282adf-527a-4d96-b40f-1326d46a910b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "published-proof-of-concept", "source": "Telegram/fHdHq2iv-r09R2vTmaeQAKJRL-d8WcHRvOiDWAXdIkaQPoc", "content": "", "creation_timestamp": "2026-04-10T15:00:07.000000Z"}, {"uuid": "ba72738c-2e64-4a9b-b5d6-1626ff15dee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/224", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aFull unauthenticated RCE proof of concept for Rocket.Chat 3.12.1 CVE-2021-22911\nURL\uff1ahttps://github.com/optionalCTF/Rocket.Chat-Automated-Account-Takeover-RCE-CVE-2021-22911", "creation_timestamp": "2021-07-30T21:59:45.000000Z"}, {"uuid": "065b8e55-88cc-4a8f-ab74-66bfc50968e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/38529", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aUpdated exploit for CVE-2021-22911 (Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated))\nURL\uff1ahttps://github.com/octodi/CVE-2021-22911\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-05-29T10:38:42.000000Z"}, {"uuid": "cc4ce886-40c3-462b-8e9e-05dfbf924d9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/222", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aFull unauthenticated RCE proof of concept for Rocket.Chat 3.12.1 CVE-2021-22911\nURL\uff1ahttps://github.com/optionalCTF/Rocket.Chat-Unauthenticated-RCE-CVE-2021-22911-", "creation_timestamp": "2021-07-30T21:47:36.000000Z"}, {"uuid": "9c4b3fcc-e964-48bf-9035-cf8a140c7ba3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22910", "type": "seen", "source": "https://t.me/cibsecurity/27013", "content": "\u203c CVE-2021-22910 \u203c\n\nA sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T16:36:58.000000Z"}, {"uuid": "293e12a1-25b7-4d7b-a4aa-0f26da14014a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "published-proof-of-concept", "source": "Telegram/tCqBhGf-ONTgPl1jNxk7jSK9BW7FRzVpc1tCk80-PQdj1g", "content": "", "creation_timestamp": "2021-06-07T15:45:27.000000Z"}, {"uuid": "bf10dd10-292d-488f-b353-a03ccc37369c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22917", "type": "seen", "source": "https://t.me/cibsecurity/26054", "content": "\u203c CVE-2021-22917 \u203c\n\nBrave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-12T14:17:44.000000Z"}, {"uuid": "17443ca0-ed53-430b-9467-243e1d8b7802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22915", "type": "seen", "source": "https://t.me/cibsecurity/25401", "content": "\u203c CVE-2021-22915 \u203c\n\nNextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-11T20:52:07.000000Z"}, {"uuid": "3f459b86-ac2d-4cb0-b11c-e7f34d76f323", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22913", "type": "seen", "source": "https://t.me/cibsecurity/25395", "content": "\u203c CVE-2021-22913 \u203c\n\nNextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server unless a global search has been explicitly chosen by the user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-11T20:43:04.000000Z"}, {"uuid": "e3eb1e7f-5caf-466d-9f3d-3b543fece4c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22911", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3553", "content": "#exploit\n1. CVE-2021-22911:\nPre-Auth Blind NoSQL Injection leading to RCE in Rocket Chat 3.12.1\nhttps://github.com/CsEnox/CVE-2021-22911\n\n2. V8 Vulnerabilities (PoCs)\nhttps://github.com/zon8research/v8-vulnerabilities", "creation_timestamp": "2022-07-31T14:37:56.000000Z"}]}