https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 01 May 2026 07:03:46 +0000 https://db.gcve.eu/sighting/82a42c41-0466-4981-8435-938cf4866ca4/export {"uuid": "82a42c41-0466-4981-8435-938cf4866ca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3294", "type": "seen", "source": "https://t.me/cibsecurity/23285", "content": "\u203c CVE-2021-3294 \u203c\n\nCASAP Automated Enrollment System 1.0 is affected by cross-site scripting (XSS) in users.php. An attacker can steal a cookie to perform user redirection to a malicious website.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-09T02:39:46.000000Z"} {"uuid": "82a42c41-0466-4981-8435-938cf4866ca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3294", "type": "seen", "source": "https://t.me/cibsecurity/23285", "content": "\u203c CVE-2021-3294 \u203c\n\nCASAP Automated Enrollment System 1.0 is affected by cross-site scripting (XSS) in users.php. An attacker can steal a cookie to perform user redirection to a malicious website.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-09T02:39:46.000000Z"} https://db.gcve.eu/sighting/82a42c41-0466-4981-8435-938cf4866ca4/export Tue, 09 Feb 2021 02:39:46 +0000 https://db.gcve.eu/sighting/47161315-2bd8-454e-9668-919838ba6d87/export {"uuid": "47161315-2bd8-454e-9668-919838ba6d87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3294", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/538", "content": "CVE-2021-3294 CASAP Automated Enrollment System 1.0 XSS\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-3294_CASAP_Automated_Enrollment_System_1.0_XSS%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-30T02:51:35.000000Z"} {"uuid": "47161315-2bd8-454e-9668-919838ba6d87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3294", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/538", "content": "CVE-2021-3294 CASAP Automated Enrollment System 1.0 XSS\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-3294_CASAP_Automated_Enrollment_System_1.0_XSS%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-30T02:51:35.000000Z"} https://db.gcve.eu/sighting/47161315-2bd8-454e-9668-919838ba6d87/export Sun, 30 May 2021 02:51:35 +0000 https://db.gcve.eu/sighting/afe88b03-1551-4007-9c57-6ed780cf1e2b/export {"uuid": "afe88b03-1551-4007-9c57-6ed780cf1e2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32946", "type": "seen", "source": "https://t.me/cibsecurity/25515", "content": "\u203c CVE-2021-32946 \u203c\n\nAn improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the user-supplied data. This may result in several of out-of-bounds problems and allow attackers to cause a denial-of-service condition or execute code in the context of the current process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-17T16:40:59.000000Z"} {"uuid": "afe88b03-1551-4007-9c57-6ed780cf1e2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32946", "type": "seen", "source": "https://t.me/cibsecurity/25515", "content": "\u203c CVE-2021-32946 \u203c\n\nAn improper check for unusual or exceptional conditions issue exists within the parsing DGN files from Drawings SDK (Version 2022.4 and prior) resulting from the lack of proper validation of the user-supplied data. This may result in several of out-of-bounds problems and allow attackers to cause a denial-of-service condition or execute code in the context of the current process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-17T16:40:59.000000Z"} https://db.gcve.eu/sighting/afe88b03-1551-4007-9c57-6ed780cf1e2b/export Thu, 17 Jun 2021 16:40:59 +0000 https://db.gcve.eu/sighting/6c7e3e39-772c-46e4-84d0-0fa2bafc69ed/export {"uuid": "6c7e3e39-772c-46e4-84d0-0fa2bafc69ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32944", "type": "seen", "source": "https://t.me/cibsecurity/25518", "content": "\u203c CVE-2021-32944 \u203c\n\nA use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a memory corruption or arbitrary code execution, allowing attackers to cause a denial-of-service condition or execute code in the context of the current process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-17T16:41:02.000000Z"} {"uuid": "6c7e3e39-772c-46e4-84d0-0fa2bafc69ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32944", "type": "seen", "source": "https://t.me/cibsecurity/25518", "content": "\u203c CVE-2021-32944 \u203c\n\nA use-after-free issue exists in the DGN file-reading procedure in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a memory corruption or arbitrary code execution, allowing attackers to cause a denial-of-service condition or execute code in the context of the current process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-17T16:41:02.000000Z"} https://db.gcve.eu/sighting/6c7e3e39-772c-46e4-84d0-0fa2bafc69ed/export Thu, 17 Jun 2021 16:41:02 +0000 https://db.gcve.eu/sighting/bb668715-b720-4df1-969e-f8751edc42ed/export {"uuid": "bb668715-b720-4df1-969e-f8751edc42ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32943", "type": "seen", "source": "https://t.me/cibsecurity/27067", "content": "\u203c CVE-2021-32943 \u203c\n\nThe affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T18:37:24.000000Z"} {"uuid": "bb668715-b720-4df1-969e-f8751edc42ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32943", "type": "seen", "source": "https://t.me/cibsecurity/27067", "content": "\u203c CVE-2021-32943 \u203c\n\nThe affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T18:37:24.000000Z"} https://db.gcve.eu/sighting/bb668715-b720-4df1-969e-f8751edc42ed/export Tue, 10 Aug 2021 18:37:24 +0000 https://db.gcve.eu/sighting/596259de-5e4c-42b4-8c9f-d3b426bb4cc7/export {"uuid": "596259de-5e4c-42b4-8c9f-d3b426bb4cc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32947", "type": "seen", "source": "https://t.me/cibsecurity/27141", "content": "\u203c CVE-2021-32947 \u203c\n\nFATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-11T16:38:28.000000Z"} {"uuid": "596259de-5e4c-42b4-8c9f-d3b426bb4cc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32947", "type": "seen", "source": "https://t.me/cibsecurity/27141", "content": "\u203c CVE-2021-32947 \u203c\n\nFATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-11T16:38:28.000000Z"} https://db.gcve.eu/sighting/596259de-5e4c-42b4-8c9f-d3b426bb4cc7/export Wed, 11 Aug 2021 16:38:28 +0000 https://db.gcve.eu/sighting/88b659ef-ff98-4944-8ffe-0a2af92d1096/export {"uuid": "88b659ef-ff98-4944-8ffe-0a2af92d1096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32941", "type": "seen", "source": "https://t.me/true_secator/2049", "content": "\u0412\u0441\u0435\u0433\u0434\u0430 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0442\u044c \u0437\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0432 \u0441\u0444\u0435\u0440\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0430 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432. \u0412 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043f\u043e\u0434 \u0443\u0434\u0430\u0440 \u043f\u043e\u043f\u0430\u043b \u0433\u043e\u043d\u043a\u043e\u043d\u0433\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c Annke \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e\u0449\u0438\u0439 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043e\u043c\u0430 \u0438 \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 5 \u043c\u043b\u043d. \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Nozomi Networks, \u043f\u0440\u043e\u0444\u0438\u043b\u0438\u0440\u0443\u044e\u0449\u0438\u0439\u0441\u044f \u043d\u0430 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 IoT-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u0412\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0431\u0430\u0433\u0430 CVE-2021-32941 \u0438\u043c\u0435\u0435\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 CVSS 9.4 \u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 root \u0438 \u043f\u043e \u0441\u0443\u0442\u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 Annke N48PBB (NVR), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u043f\u043e\u0442\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u0432\u0438\u0434\u0435\u043e, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0430\u043c\u0435\u0440\u0430\u043c\u0438, \u0447\u0442\u043e \u043f\u0440\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u043c \u0432\u0438\u0434\u0435\u043e, \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u043e\u0442\u0441\u043d\u044f\u0442\u044b\u0439 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b, \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0441\u0438\u0433\u043d\u0430\u043b\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f) \u0438 \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u043c\u0435\u0440\u044b \u0438\u043b\u0438 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u0442\u044c \u0438\u0445 \u0437\u0430\u043f\u0438\u0441\u044c.\n\n\u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 CISA \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u044f\u0432\u0438\u043b\u043e, \u0447\u0442\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432\u0438\u0434\u0435\u043e\u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f Annke NVR \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432\u043e \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u0435. \u041f\u043e \u0437\u0430\u0432\u0432\u043b\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u043f\u0430\u0442\u0447 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0447\u0435\u0440\u0435\u0437 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Annke \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432 \u0440\u0430\u0431\u043e\u0442\u0435 \u0438 \u043b\u0438\u0447\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.", "creation_timestamp": "2021-08-30T16:08:27.000000Z"} {"uuid": "88b659ef-ff98-4944-8ffe-0a2af92d1096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32941", "type": "seen", "source": "https://t.me/true_secator/2049", "content": "\u0412\u0441\u0435\u0433\u0434\u0430 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0442\u044c \u0437\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0432 \u0441\u0444\u0435\u0440\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0430 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0443\u0433\u0440\u043e\u0437\u043e\u0439 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432. \u0412 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u043f\u043e\u0434 \u0443\u0434\u0430\u0440 \u043f\u043e\u043f\u0430\u043b \u0433\u043e\u043d\u043a\u043e\u043d\u0433\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c Annke \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e\u0449\u0438\u0439 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043e\u043c\u0430 \u0438 \u0431\u0438\u0437\u043d\u0435\u0441\u0430 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 5 \u043c\u043b\u043d. \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Nozomi Networks, \u043f\u0440\u043e\u0444\u0438\u043b\u0438\u0440\u0443\u044e\u0449\u0438\u0439\u0441\u044f \u043d\u0430 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 IoT-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u0412\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0431\u0430\u0433\u0430 CVE-2021-32941 \u0438\u043c\u0435\u0435\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 CVSS 9.4 \u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 root \u0438 \u043f\u043e \u0441\u0443\u0442\u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u043b\u043d\u043e\u0439 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 Annke N48PBB (NVR), \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u043f\u043e\u0442\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u0432\u0438\u0434\u0435\u043e, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0430\u043c\u0435\u0440\u0430\u043c\u0438, \u0447\u0442\u043e \u043f\u0440\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u043c \u0432\u0438\u0434\u0435\u043e, \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u043e\u0442\u0441\u043d\u044f\u0442\u044b\u0439 \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b, \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0441\u0438\u0433\u043d\u0430\u043b\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f) \u0438 \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u043c\u0435\u0440\u044b \u0438\u043b\u0438 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u043a\u0440\u0430\u0442\u0438\u0442\u044c \u0438\u0445 \u0437\u0430\u043f\u0438\u0441\u044c.\n\n\u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 CISA \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u044f\u0432\u0438\u043b\u043e, \u0447\u0442\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432\u0438\u0434\u0435\u043e\u043d\u0430\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u044f Annke NVR \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432\u043e \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u0435. \u041f\u043e \u0437\u0430\u0432\u0432\u043b\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u043f\u0430\u0442\u0447 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0447\u0435\u0440\u0435\u0437 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Annke \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432 \u0440\u0430\u0431\u043e\u0442\u0435 \u0438 \u043b\u0438\u0447\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.", "creation_timestamp": "2021-08-30T16:08:27.000000Z"} https://db.gcve.eu/sighting/88b659ef-ff98-4944-8ffe-0a2af92d1096/export Mon, 30 Aug 2021 16:08:27 +0000 https://db.gcve.eu/sighting/dcc2d211-2df7-4a74-92cf-3c1051f5088a/export {"uuid": "dcc2d211-2df7-4a74-92cf-3c1051f5088a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32949", "type": "seen", "source": "https://t.me/cibsecurity/40058", "content": "\u203c CVE-2021-32949 \u203c\n\nAn attacker could utilize a function in MDT AutoSave versions prior to v6.02.06 that permits changing a designated path to another path and traversing the directory, allowing the replacement of an existing file with a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-02T02:26:22.000000Z"} {"uuid": "dcc2d211-2df7-4a74-92cf-3c1051f5088a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32949", "type": "seen", "source": "https://t.me/cibsecurity/40058", "content": "\u203c CVE-2021-32949 \u203c\n\nAn attacker could utilize a function in MDT AutoSave versions prior to v6.02.06 that permits changing a designated path to another path and traversing the directory, allowing the replacement of an existing file with a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-02T02:26:22.000000Z"} https://db.gcve.eu/sighting/dcc2d211-2df7-4a74-92cf-3c1051f5088a/export Sat, 02 Apr 2022 02:26:22 +0000 https://db.gcve.eu/sighting/f2757a24-f176-4ebc-938a-7b632029fa30/export {"uuid": "f2757a24-f176-4ebc-938a-7b632029fa30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32941", "type": "seen", "source": "https://t.me/cibsecurity/43189", "content": "\u203c CVE-2021-32941 \u203c\n\nAnnke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-23T22:35:55.000000Z"} {"uuid": "f2757a24-f176-4ebc-938a-7b632029fa30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-32941", "type": "seen", "source": "https://t.me/cibsecurity/43189", "content": "\u203c CVE-2021-32941 \u203c\n\nAnnke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-23T22:35:55.000000Z"} https://db.gcve.eu/sighting/f2757a24-f176-4ebc-938a-7b632029fa30/export Mon, 23 May 2022 22:35:55 +0000