{"vulnerability": "CVE-2021-4428", "sightings": [{"uuid": "1c0b9eac-a5f7-4642-999a-fbb8d39cb768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44283", "type": "seen", "source": "https://t.me/cibsecurity/63536", "content": "\u203c CVE-2021-44283 \u203c\n\nA buffer overflow in the component /Enclave.cpp of Electronics and Telecommunications Research Institute ShieldStore commit 58d455617f99705f0ffd8a27616abdf77bdc1bdc allows attackers to cause an information leak via a crafted structure from an untrusted operating system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T07:38:12.000000Z"}, {"uuid": "06f36d4a-86d9-45ee-9296-e254657058b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44280", "type": "seen", "source": "https://t.me/cibsecurity/33195", "content": "\u203c CVE-2021-44280 \u203c\n\nattendance management system 1.0 is affected by a SQL injection vulnerability in admin/incFunctions.php through the makeSafe function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-01T16:35:26.000000Z"}, {"uuid": "ea243ba8-32b0-4370-b0a4-59a57fce724c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4428", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1518", "content": "#CVE-2021\n#Log4j \nPoC RCE Log4j CVE-2021-4428 para pruebas\n\nhttps://github.com/Grupo-Kapa-7/CVE-2021-44228-Log4j-PoC-RCE\n\n@BlueRedTeam", "creation_timestamp": "2021-12-17T11:48:01.000000Z"}, {"uuid": "01829ff6-df96-4a1f-a721-a528a85207fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4428", "type": "exploited", "source": "https://t.me/GithubRedTeam/1128", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC RCE Log4j CVE-2021-4428 para pruebas\nURL\uff1ahttps://github.com/Grupo-Kapa-7/CVE-2021-44228-Log4j-PoC-RCE", "creation_timestamp": "2021-12-17T06:39:43.000000Z"}, {"uuid": "b5186d80-271a-4d61-b69b-c74783ec3df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4428", "type": "seen", "source": "https://t.me/cibsecurity/66932", "content": "\u203c CVE-2021-4428 \u203c\n\nA vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and classified as problematic. Affected by this vulnerability is the function enqueue_scripts of the file w3w-autosuggest/public/class-w3w-autosuggest-public.php of the component Setting Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 4.0.1 is able to address this issue. The patch is named dd59cbac5f86057d6a73b87007c08b8bfa0c32ac. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-234247.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-18T20:31:12.000000Z"}, {"uuid": "c3bcc2f7-9ddb-4f3d-8fee-de78331ae733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2021-44288", "type": "seen", "source": "https://gist.github.com/c0axial/f499717d0046678e19e2f0d43b9d4b55", "content": "", "creation_timestamp": "2025-08-14T14:03:30.000000Z"}, {"uuid": "dbd34fba-47b8-4c39-a28e-04a04ccad815", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2021-4428", "type": "seen", "source": "https://gist.github.com/c0axial/f499717d0046678e19e2f0d43b9d4b55", "content": "", "creation_timestamp": "2025-08-14T14:03:30.000000Z"}, {"uuid": "69ebf551-f3e8-4b00-8054-62be0eab5a17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4428", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1196", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aThis repo contains IoCs which are associated with exploitation of CVE-2021-4428.\nURL\uff1ahttps://github.com/CERT-hr/Log4Shell", "creation_timestamp": "2021-12-21T09:22:04.000000Z"}, {"uuid": "4443e888-c478-4c3a-807d-3563d463996b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4428", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1195", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aThis repo contains IoCs which are associated with exploitation of CVE-2021-4428.\nURL\uff1ahttps://github.com/HR-CERT/Log4Shell", "creation_timestamp": "2021-12-21T09:17:55.000000Z"}, {"uuid": "ac05b685-9b91-46cb-9903-db66d4fe5620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4428", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1355", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aTerraform and Docker resources for quickly spinning up a test of CVE-2021-4428\nURL\uff1ahttps://github.com/z3bul0n/log4jtest", "creation_timestamp": "2022-01-18T00:13:42.000000Z"}, {"uuid": "ba70d88e-ffb2-4bdc-a7b3-d7acb868e03a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4428", "type": "seen", "source": "https://t.me/arpsyndicate/1959", "content": "#ExploitObserverAlert\n\nCVE-2021-4428\n\nDESCRIPTION: Exploit Observer has 25 entries related to CVE-2021-4428. A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and classified as problematic. Affected by this vulnerability is the function enqueue_scripts of the file w3w-autosuggest/public/class-w3w-autosuggest-public.php of the component Setting Handler. The manipulation leads to information disclosure. The attack can be launched remotely. Upgrading to version 4.0.1 is able to address this issue. The patch is named dd59cbac5f86057d6a73b87007c08b8bfa0c32ac. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-234247.\n\nFIRST-EPSS: 0.000610000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T09:54:42.000000Z"}, {"uuid": "04c5d4ce-2015-423c-920f-4b88ca0e4639", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4428", "type": "seen", "source": "https://gist.github.com/cicku/3c200b49988c78592bbd2029422d4d5a", "content": "", "creation_timestamp": "2025-07-06T14:16:51.000000Z"}]}