{"vulnerability": "cve-2021-2013", "sightings": [{"uuid": "98044547-2757-41b6-b3c0-2ba2d4879ed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20137", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-20137.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "e050fd0a-2d0d-48f4-b586-7b5df301b7b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20137", "type": "seen", "source": "https://t.me/cibsecurity/33700", "content": "\u203c CVE-2021-20137 \u203c\n\nA reflected cross-site scripting vulnerability exists in the url parameter of the /cgi-bin/luci/site_access/ page on the Gryphon Tower router's web interface. An attacker could exploit this issue by tricking a user into following a specially crafted link, granting the attacker javascript execution in the context of the victim's browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T18:24:08.000000Z"}, {"uuid": "b12039d9-5b99-4358-b18c-9d760b07eed8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20136", "type": "seen", "source": "https://t.me/cibsecurity/31575", "content": "\u203c CVE-2021-20136 \u203c\n\nManageEngine Log360 Builds < 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log360 to restart. An attacker can leverage this vulnerability to achieve remote code execution by replacing files executed by Log360 on startup.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-01T23:21:34.000000Z"}, {"uuid": "c536c449-78b0-4552-989f-e061f0730305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20130", "type": "seen", "source": "https://t.me/cibsecurity/30533", "content": "\u203c CVE-2021-20130 \u203c\n\nManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-13T22:26:51.000000Z"}, {"uuid": "cd533a52-6640-408d-8d7a-3f538cedd842", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20131", "type": "seen", "source": "https://t.me/cibsecurity/30534", "content": "\u203c CVE-2021-20131 \u203c\n\nManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-13T22:26:52.000000Z"}, {"uuid": "a9d07d19-4ba8-492a-889c-e34dd9f20848", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20139", "type": "seen", "source": "https://t.me/cibsecurity/33691", "content": "\u203c CVE-2021-20139 \u203c\n\nAn unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controller_server service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the controller_server service on port 9999.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T18:23:53.000000Z"}, {"uuid": "f905fb77-144d-4255-a06f-18f82b3a92ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20138", "type": "seen", "source": "https://t.me/cibsecurity/33695", "content": "\u203c CVE-2021-20138 \u203c\n\nAn unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon Tower router\u00e2\u20ac\u2122s web interface at /cgi-bin/luci/rc. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to the web interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T18:24:00.000000Z"}, {"uuid": "936f4bb6-7bfe-421b-966a-f77cd0f68a61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20135", "type": "seen", "source": "https://t.me/cibsecurity/31698", "content": "\u203c CVE-2021-20135 \u203c\n\nNessus versions 8.15.2 and earlier were found to contain a local privilege escalation vulnerability which could allow an authenticated, local administrator to run specific executables on the Nessus Agent host. Tenable has included a fix for this issue in Nessus 10.0.0. The installation files can be obtained from the Tenable Downloads Portal (https://www.tenable.com/downloads/nessus).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-03T06:23:30.000000Z"}, {"uuid": "11f5c621-2942-48cf-86a6-6e5f31417ef3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20132", "type": "seen", "source": "https://t.me/cibsecurity/34784", "content": "\u203c CVE-2021-20132 \u203c\n\nQuagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded credentials, which can allow a remote attacker to gain administrative access to the zebra or ripd those services. Both are running with root privileges on the router (i.e., as the \"admin\" user, UID 0).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-31T00:34:44.000000Z"}]}