{"vulnerability": "CVE-2021-27215", "sightings": [{"uuid": "4193cf80-bd0b-444f-b01d-5839c4b97cd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-27215", "type": "seen", "source": "https://t.me/cibsecurity/24391", "content": "\u203c CVE-2021-27215 \u203c\n\nAn issue was discovered in genua genugate before 9.0 Z p19, 9.1.x through 9.6.x before 9.6 p7, and 10.x before 10.1 p4. The Web Interfaces (Admin, Userweb, Sidechannel) can use different methods to perform the authentication of a user. A specific authentication method during login does not check the provided data (when a certain manipulation occurs) and returns OK for any authentication request. This allows an attacker to login to the admin panel as a user of his choice, e.g., the root user (with highest privileges) or even a non-existing user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-03T18:45:32.000000Z"}, {"uuid": "5d9e68ca-1ecd-4287-af02-9520d922f4ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-27215", "type": "seen", "source": "https://t.me/cKure/4134", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 CVE-2021-27215 #1Day: Cybersecurity firm Genua fixes a critical flaw in its GenuGate High Resistance Firewall, allowing attackers to log in as root users.\n\nAuthentication Bypass via HTTP parameter tampering. \n\nhttps://threatpost.com/firewall-critical-security-flaw/164347/", "creation_timestamp": "2021-03-01T18:13:40.000000Z"}]}