{"vulnerability": "CVE-2021-4479", "sightings": [{"uuid": "a312336e-b87f-4bab-812e-eb999ee20b38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44790", "type": "exploited", "source": "https://www.exploit-db.com/exploits/51193", "content": "", "creation_timestamp": "2023-04-01T00:00:00.000000Z"}, {"uuid": "0dee57d8-0201-414f-8bd8-d7e4d6fd4557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44790", "type": "seen", "source": "https://t.me/arpsyndicate/1472", "content": "#ExploitObserverAlert\n\nCVE-2021-44790\n\nDESCRIPTION: Exploit Observer has 39 entries related to CVE-2021-44790. A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.\n\nFIRST-EPSS: 0.060470000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-06T00:09:00.000000Z"}, {"uuid": "3ca3dd5b-0f34-4348-b7f3-fbb62fa95224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44790", "type": "seen", "source": "Telegram/EGF3NmaXYAGdUVCW6ZNHpq65TpVvAZPt5jTlYHUdXoaBYbM", "content": "", "creation_timestamp": "2022-03-04T19:45:45.000000Z"}, {"uuid": "26fe7657-cfb2-43be-b3c2-ee34f838de50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44795", "type": "seen", "source": "https://t.me/cibsecurity/36378", "content": "\u203c CVE-2021-44795 \u203c\n\nSingle Connect does not perform an authorization check when using the \"sc-assigned-credential-ui\" module. A remote attacker could exploit this vulnerability to modify users permissions. The exploitation of this vulnerability might allow a remote attacker to delete permissions from other users without authenticating.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-27T16:20:34.000000Z"}, {"uuid": "0eff1347-eeec-4300-b2e5-2aa30a7dd30a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-4479", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mndkmh7dlw27", "content": "", "creation_timestamp": "2026-06-02T21:39:21.326905Z"}, {"uuid": "d4a0929b-460f-4de2-be5e-959840816c05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44790", "type": "seen", "source": "https://t.me/poxek/322", "content": "#news \u0423\u0441\u0442\u0430\u043b\u0438 \u0443\u0436\u0435 \u0441\u043b\u0443\u0448\u0430\u0442\u044c \u043f\u0440\u043e Log4j, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0434\u043e\u043d\u043e\u0441\u0438\u0442\u0441\u044f \u0438\u0437 \u043a\u0430\u0436\u0434\u043e\u0433\u043e \u0443\u0442\u044e\u0433\u0430? \u041f\u043e\u043d\u0438\u043c\u0430\u044e. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u043e\u0442 \u0432\u0430\u043c \u0435\u0449\u0451 \u0434\u0432\u0435 \u043d\u043e\u0432\u0435\u043d\u044c\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u0432 Apache HTTPD: CVE-2021-44790 \u0438 CVE-2021-44224.\n\n\u0427\u0442\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e: \n\u22c5 CVE-2021-44790 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430, CVE-2021-44224 \u2014 \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f;\n\u22c5 \u0423\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0435\u0440\u0441\u0438\u0438 2.4.51 \u0438 \u0441\u0442\u0430\u0440\u0448\u0435;\n\u22c5 \u041f\u0430\u0442\u0447 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c;\n\u22c5 \u041e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u044d\u0442\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430 \u043e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 RCE \u0438 DoS-\u0430\u0442\u0430\u043a\u0430\u043c\u0438.\n\nHTTPD, \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u043f\u043e \u0441\u0432\u043e\u0435\u0439 \u0432\u0435\u0437\u0434\u0435\u0441\u0443\u0449\u043d\u043e\u0441\u0442\u0438 \u043d\u0435 \u0441\u0438\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0443\u043f\u0430\u0435\u0442 Log4j, \u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u0435\u0434\u0440\u0435\u043a\u0430\u044e\u0442 \u043d\u043e\u0432\u0443\u044e \u0440\u0430\u0434\u043e\u0441\u0442\u043d\u0443\u044e \u0432\u043e\u043b\u043d\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0443\u0436\u0435 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0412\u0435\u0441\u0451\u043b\u044b\u0439 \u043a\u043e\u043d\u0435\u0446 \u0433\u043e\u0434\u0430 \u0432\u044b\u0434\u0430\u043b\u0441\u044f.\n\n@tomhunter", "creation_timestamp": "2021-12-23T17:49:44.000000Z"}, {"uuid": "fe954e85-6ad5-412e-a118-d4491dbb8b79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44790", "type": "seen", "source": "Telegram/Hf_SunJuoYNf_bsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ", "content": "", "creation_timestamp": "2024-10-15T10:14:15.000000Z"}, {"uuid": "bf73d4f4-e5e2-44b0-b65c-20d4d5344750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44792", "type": "seen", "source": "https://t.me/cibsecurity/36383", "content": "\u203c CVE-2021-44792 \u203c\n\nSingle Connect does not perform an authorization check when using the \"log-monitor\" module. A remote attacker could exploit this vulnerability to access the logging interface. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-27T16:20:39.000000Z"}, {"uuid": "6cff2154-2df0-42d0-863f-68ddcd7715c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44793", "type": "seen", "source": "https://t.me/cibsecurity/36382", "content": "\u203c CVE-2021-44793 \u203c\n\nSingle Connect does not perform an authorization check when using the sc-reports-ui\" module. A remote attacker could exploit this vulnerability to access the device configuration page and export the data to an external file. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information including the database credentials. Since the database runs with high privileges it is possible to execute commands with the attained credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-27T16:20:38.000000Z"}, {"uuid": "797cfd43-734d-48f2-bfc7-e2cdcd0d32e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44794", "type": "seen", "source": "https://t.me/cibsecurity/36380", "content": "\u203c CVE-2021-44794 \u203c\n\nSingle Connect does not perform an authorization check when using the \"sc-diagnostic-ui\" module. A remote attacker could exploit this vulnerability to access the device information page. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-27T16:20:36.000000Z"}, {"uuid": "77b55683-b8cd-4c09-8a25-471e21b33e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44790", "type": "published-proof-of-concept", "source": "Telegram/vDa6DsGy0Kv0j_L2mpgiLKo8rV0TFojx-ZaJHjxUdstlbRo1", "content": "", "creation_timestamp": "2022-01-25T20:42:22.000000Z"}, {"uuid": "eeac8f11-185e-4d56-a4d0-e04bd87b66d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44790", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5284", "content": "#Threat_Research\n1. Qiling Sandbox Escape\nhttps://www.kalmarunionen.dk/writeups/2022/rwctf/qlaas\n2. Code Execution on Apache via an Integer Underflow (CVE-2021-44790)\nhttps://www.zerodayinitiative.com/blog/2022/1/25/cve-2021-44790-code-execution-on-apache-via-an-integer-underflow", "creation_timestamp": "2022-01-27T11:07:01.000000Z"}, {"uuid": "5897817c-85f1-4dcb-b8b2-33d4cc90a998", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44790", "type": "seen", "source": "https://t.me/true_secator/2485", "content": "Apache Software Foundation \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0440\u043e\u0447\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0445 CVE-2021-44790 \u0438 CVE-2021-44224 \u0432\u043e \u0444\u043b\u0430\u0433\u043c\u0430\u043d\u0441\u043a\u043e\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Apache HTTP Server, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c\u00a0 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 CVE-2021-44790 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u0432\u044b\u0437\u044b\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043c\u043d\u043e\u0433\u043e\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043d\u043e\u043c \u043f\u0430\u0440\u0441\u0435\u0440\u0435 mod_lua \u0432 Apache HTTP Server 2.4.51 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Apache Software Foundation \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e\u00a0 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0435\u0433\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f.\n\n\u0414\u0440\u0443\u0433\u0430\u044f CVE-2021-44224 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443 Unix Domain Socket, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0443 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u041e\u0448\u0438\u0431\u043a\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c NULL \u0438\u043b\u0438 SSRF \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445 \u043f\u0440\u044f\u043c\u043e\u0433\u043e \u043f\u0440\u043e\u043a\u0441\u0438 \u0432 Apache HTTP Server 2.4.51 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 HTTP-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Apache \u0432 \u0441\u0435\u0442\u0438 \u0438 \u043d\u0430\u0447\u0430\u0432\u0448\u0443\u044e\u0441\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0434\u0440\u0443\u0433\u043e\u0439 CVE-2021-40438 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 SSRF \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u043a\u0440\u043e\u0441\u0441\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u043e \u0447\u0435\u043c \u0442\u0430\u043a\u0436\u0435 \u043e\u0437\u0430\u0431\u043e\u0442\u0438\u043b\u043e\u0441\u044c CISA, \u0441\u043f\u0435\u0448\u043d\u043e \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u043d\u043e\u0432\u044b\u0435 \u0431\u0430\u0433\u0438 \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 CVE.", "creation_timestamp": "2021-12-28T16:00:47.000000Z"}, {"uuid": "70474f9d-fcdb-4dab-af58-c4bfdb6c6940", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44791", "type": "seen", "source": "https://t.me/cibsecurity/45773", "content": "\u203c CVE-2021-44791 \u203c\n\nIn Apache Druid 0.22.1 and earlier, certain specially-crafted links result in unescaped URL parameters being sent back in HTML responses. This makes it possible to execute reflected XSS attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-07T22:15:44.000000Z"}, {"uuid": "b00b43e3-7356-42a9-b579-d1cc6bfa01ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44790", "type": "seen", "source": "https://t.me/cibsecurity/34272", "content": "\u203c CVE-2021-44790 \u203c\n\nA carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-20T14:39:58.000000Z"}]}