{"vulnerability": "CVE-2021-3847", "sightings": [{"uuid": "d8d44b18-2e81-4efa-9bf9-1cc01da1dce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38477", "type": "seen", "source": "https://t.me/cibsecurity/31017", "content": "\u203c CVE-2021-38477 \u203c\n\nThere are multiple API function codes that permit reading and writing data to or from files and directories, which could lead to the manipulation and/or the deletion of files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-22T16:39:14.000000Z"}, {"uuid": "88469c8b-86a6-4f66-afb5-fa19a28fd1a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38472", "type": "seen", "source": "https://t.me/cibsecurity/30766", "content": "\u203c CVE-2021-38472 \u203c\n\nInHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 management portal does not contain an X-FRAME-OPTIONS header, which an attacker may take advantage of by sending a link to an administrator that frames the router\u00e2\u20ac\u2122s management portal and could lure the administrator to perform changes.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-19T16:33:32.000000Z"}, {"uuid": "6e8ab019-d57a-420a-810e-dfdfd574c9eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38471", "type": "seen", "source": "https://t.me/cibsecurity/31025", "content": "\u203c CVE-2021-38471 \u203c\n\nThere are multiple API function codes that permit data writing to any file, which may allow an attacker to modify existing files or create new files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-22T16:39:23.000000Z"}, {"uuid": "24cca8bd-0a43-4cae-90de-e66289484408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38479", "type": "seen", "source": "https://t.me/cibsecurity/31014", "content": "\u203c CVE-2021-38479 \u203c\n\nMany API function codes receive raw pointers remotely from the user and trust these pointers as valid in-bound memory regions. An attacker can manipulate API functions by writing arbitrary data into the resolved address of a raw pointer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-22T16:39:11.000000Z"}, {"uuid": "6a85f25e-0d77-4134-afc6-af56bec8b427", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38475", "type": "seen", "source": "https://t.me/cibsecurity/31012", "content": "\u203c CVE-2021-38475 \u203c\n\nThe database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-22T16:39:08.000000Z"}, {"uuid": "a99fb573-60a2-4ab0-b30c-cf13efc4d8a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38473", "type": "seen", "source": "https://t.me/cibsecurity/31010", "content": "\u203c CVE-2021-38473 \u203c\n\nThe affected product\u00e2\u20ac\u2122s code base doesn\u00e2\u20ac\u2122t properly control arguments for specific functions, which could lead to a stack overflow.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-22T16:39:06.000000Z"}, {"uuid": "6b725e7f-12b3-4efd-9e76-4f69b2cb3039", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38478", "type": "seen", "source": "https://t.me/cibsecurity/30758", "content": "\u203c CVE-2021-38478 \u203c\n\nInHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a traceroute tool to inject commands into the device. This may allow the attacker to remotely run commands on behalf of the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-19T16:33:18.000000Z"}, {"uuid": "0cc009f6-f7dc-46d5-8414-4df2d7773bd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38474", "type": "seen", "source": "https://t.me/cibsecurity/30752", "content": "\u203c CVE-2021-38474 \u203c\n\nInHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have has no account lockout policy configured for the login page of the product. This may allow an attacker to execute a brute-force password attack with no time limitation and without harming the normal operation of the user. This could allow an attacker to gain valid credentials for the product interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-19T16:33:10.000000Z"}, {"uuid": "c83ec3bf-a29c-46ba-ad1e-dfd6cf08dc49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3847", "type": "seen", "source": "https://t.me/arpsyndicate/760", "content": "#ExploitObserverAlert\n\nCVE-2021-3847\n\nDESCRIPTION: Exploit Observer has 4 entries related to CVE-2021-3847. An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. A local user could use this flaw to escalate their privileges on the system.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-29T15:38:49.000000Z"}]}