{"vulnerability": "CVE-2021-41326", "sightings": [{"uuid": "d93efc8a-9591-46b9-adae-3d7f0e8d719f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41326", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/2758", "content": "Drawio: Cake Fuzzer Architecture (https://github.com/Zigrin-Security/CakeFuzzer/blob/main/docs/arch.drawio)  Cake Fuzzer consists of 3 main (fairly independent) servers that in total allow for dynamic vulnerability testing of CakePHP allications.    AttackQueue - Scheduling and execution of attack scenarios.  Monitors - Monitoring of given entities (executor outputs / file contents / processes / errors ).  Registry - Storage and classification of found vulnerabilities.  They run independently. AttackQueue can add new scanners to monitors, and Monitors can schedule new attacks (eg based on found vulnerability to further attack application).    Other components include:    Fuzzer - defines and schedules attacks to AttackQueue (serves as entry)  Configuration - sets up application dependent info (eg. path to CakePHP application)  Instrumentation - based on configuration defines changes to the application / os to prepare the ground for attacks.    Approach  Cake Fuzzer is based on the concept of Interactive Application Security Testing (IAST). It contains a predefined set of attacks that are randomly modified before the execution. Cake Fuzzer has the knowledge of the application internals thanks to the Cake PHP framework therefore the attacks will be launched on all possible entry points of the application.  During the attack, the Cake Fuzzer monitors various aspects of the application and the underlying system such as:    network connection,  file system,  application response,  error logs.    These sources of information allow Cake Fuzzer to identify more vulnerabilities and report them with higher certainty.  Requirements    CakePHP Web Application installed, configured, and running. Example CakePHP web applications: MISP (https://github.com/MISP/MISP), Cerebrate (https://github.com/cerebrate-project/cerebrate)  PHP CLI    Development environment using MISP on VMWare virtual machine  The following section describes steps to setup a Cake Fuzzer development environment where the target is outdated MISP v2.4.146 that is vulnerable to CVE-2021-41326.  Requirements    VMWare Workstation (Other virtualization platform can be used as long as they support sharing/mounting directories between host and guest OS)    Steps  Run the following commands on your host operating system to download an outdated MISP VM:  cd ~/Downloads # Or wherever you want to store the MISP VM\nwget https://vm.misp-project.org/MISP_v2.4.146@0c25b72/MISP_v2.4.146@0c25b72-VMware.zip -O MISP.zip\nunzip MISP.zip\nrm MISP.zip\nmv VMware/ MISP-2.4.146  Conduct the following actions in VMWare GUI to prepare sharing Cake Fuzzer files between your host OS and MISP:    Open virtual machine (https://www.kitploit.com/search/label/Virtual%20Machine) in VMWare and go to > Settings > Options > Shared Folders > Add.  Mount directory where you keep Cake Fuzzer on your host OS and name it cake_fuzzer on the VM.  Start the VM.  Note the IP address displayed in the VMWare window after MISP fully boots up.    Run the following commands on your host OS (replace MISP_IP_ADDRESS with previously noted IP address):  ssh-copy-id misp@MISP_IP_ADDRESS\nssh misp@MISP_IP_ADDRESS  Once you SSH into the MISP run the following commands (in MISP terminal) to finish setup of sharing Cake Fuzzer files between host OS and MISP:  instrumentation (one of the patches)  sudo vmhgfs-fuse .host:/cake_fuzzer /cake_fuzzer -o allow_other -o uid=1000  ls -l /cake_fuzzer # If everything went fine you should see content of the Cake Fuzzer directory from your host OS. Any changes on your host OS will be reflected inside the VM and vice-versa.\" dir=\"auto\">sudo apt update\nsudo apt-get -y install open-vm-tools open-vm-tools-desktop\nsudo apt-get -y install build-essential module-assistant linux-headers-virtual linux-image-virtual && sudo dpkg-reconfigure open-vm-tools\nsudo mkdir /cake_fuzzer # Note: This path is fixed as it's hardcoded in the instrumentation (one of the patches)", "creation_timestamp": "2023-07-24T12:42:23.000000Z"}, {"uuid": "6a98ed48-3e9b-4c1e-baab-d3f77edb55b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41326", "type": "seen", "source": "https://t.me/cibsecurity/29065", "content": "\u203c CVE-2021-41326 \u203c\n\nIn MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles parameter data that is used in a shell_exec call.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-17T22:24:13.000000Z"}]}