{"vulnerability": "cve-2021-3658", "sightings": [{"uuid": "a75bd585-e309-4a7a-bf75-b354ed3012c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-36580", "type": "seen", "source": "https://t.me/cibsecurity/67347", "content": "\u203c CVE-2021-36580 \u203c\n\nOpen Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-27T22:28:53.000000Z"}, {"uuid": "df34e389-893b-4f23-a565-9edf3f3a466f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-36582", "type": "seen", "source": "https://t.me/cibsecurity/28794", "content": "\u203c CVE-2021-36582 \u203c\n\nIn Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can be simply triggered by browsing that URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T16:21:46.000000Z"}, {"uuid": "9f19fbbb-c726-495b-8f5c-4d6796a11332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-36584", "type": "seen", "source": "https://t.me/cibsecurity/26912", "content": "\u203c CVE-2021-36584 \u203c\n\nAn issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial of service (DOS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-06T00:31:57.000000Z"}, {"uuid": "44e5023e-4522-4a92-969b-6d9d3003fba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-36580", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-36580.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "5102293c-93d2-4875-9bc2-2709899db3dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-36580", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/9122", "content": "Understanding and Mitigating Open Redirection Vulnerability (CVE-2021\u201336580) in Webmail/Basic\u2026: https://medium.com/@anonymousshetty2003/understanding-and-mitigating-open-redirection-vulnerability-cve-2021-36580-in-webmail-basic-24b12c3df17d?source=rss------bug_bounty-5", "creation_timestamp": "2024-08-09T03:44:47.000000Z"}, {"uuid": "25cf67c9-e84e-42d6-a30a-07b0a263179c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-36580", "type": "seen", "source": "https://t.me/arpsyndicate/2878", "content": "#ExploitObserverAlert\n\nCVE-2021-36580\n\nDESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2021-36580. Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter.\n\nFIRST-EPSS: 0.001620000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2024-01-16T19:51:14.000000Z"}]}