{"vulnerability": "cve-2021-4043", "sightings": [{"uuid": "434a26ca-8929-4d29-8e4f-7b2e527a015d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/2849", "content": "Apache \u043c\u0443\u0447\u0430\u044e\u0442\u042a\n\n&gt; If you\u2019re on a blue team and want to protect against this you can look for requests including the string \u201cunix:\u201d followed by a pipe \u201c|\u201d after the argument separator \u201c?\u201d. If the pipe isn\u2019t part of the arguments it will get url encoded and will prevent the vulnerable code path from triggering, hence that restriction. The \u201cunix:\u201d string can be before or after the arguments, but has to be before the pipe.\n\nBuilding a POC for CVE-2021-40438 \nhttps://firzen.de/building-a-poc-for-cve-2021-40438", "creation_timestamp": "2021-10-20T15:00:04.000000Z"}, {"uuid": "a3052d2f-b354-4b47-a67b-c542718dd33f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "Telegram/Hf_SunJuoYNf_bsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ", "content": "", "creation_timestamp": "2024-10-15T10:14:15.000000Z"}, {"uuid": "f69c27d9-a108-4fb9-a326-f382152bce58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "https://t.me/arpsyndicate/1816", "content": "#ExploitObserverAlert\n\nCVE-2021-40438\n\nDESCRIPTION: Exploit Observer has 72 entries related to CVE-2021-40438. A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.\n\nFIRST-EPSS: 0.971780000\nNVD-IS: 6.0\nNVD-ES: 2.2", "creation_timestamp": "2023-12-16T12:01:35.000000Z"}, {"uuid": "a50b9049-52ce-4d1a-8958-f1318b40d0bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "https://t.me/cibsecurity/28988", "content": "\u203c CVE-2021-40438 \u203c\n\nA crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-16T18:22:49.000000Z"}, {"uuid": "4a22db60-d9ff-4889-bb6a-995a0694972e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40439", "type": "seen", "source": "https://t.me/cibsecurity/30189", "content": "\u203c CVE-2021-40439 \u203c\n\nApache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a \"Billion Laughs\" entity expansion denial of service attack and exploit via crafted XML files. ODF files consist of a set of XML files. All versions of Apache OpenOffice up to 4.1.10 are subject to this issue. expat in version 4.1.11 is patched.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-07T20:34:13.000000Z"}, {"uuid": "9a3e11ab-6bf3-41c8-bc74-8dd5c6cba07b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "https://t.me/VulnerabilityNews/26770", "content": "Missing fixes for CVE-2021-40438 and CVE-2021-26691 in the versions of httpd, as shipped in Red Hat Enterprise Linux 8.5.0, causes a security regression compared to the versions shipped in Red Hat Enterprise Linux 8.4. A user who installs or updates to Red Hat Enterprise Linux 8.5.0 would be vulnerable to the mentioned CVEs, even if they were properly fixed in Red Hat Enterprise Linux 8.4. CVE-2021-20325 was assigned to that Red Hat specific security regression and it does not affect the upstream versions of httpd.\nPublished at: February 18, 2022 at 07:15PM\nView on website", "creation_timestamp": "2022-02-18T20:47:32.000000Z"}, {"uuid": "378eff17-d368-4cb0-959b-e2fc8ac29e99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "1352e13a-2eba-4577-8c46-1fa1166cc944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4043", "type": "seen", "source": "MISP/0d44d6b6-688f-48df-96ea-affa6978302a", "content": "", "creation_timestamp": "2024-10-24T20:07:01.000000Z"}, {"uuid": "4884f6d0-0675-414a-9d4b-0c5612bfc98d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-40438.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "16887592-2de9-4b3a-a768-bf0082af6c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-10)", "content": "", "creation_timestamp": "2025-05-10T00:00:00.000000Z"}, {"uuid": "fafd291e-92d8-4fd6-a799-8a75794151c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-18)", "content": "", "creation_timestamp": "2025-10-18T00:00:00.000000Z"}, {"uuid": "7e35ed8a-0527-4f04-88ac-e49f5fdc22cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-21)", "content": "", "creation_timestamp": "2025-10-21T00:00:00.000000Z"}, {"uuid": "a17588e3-a737-4ca1-91fb-1c92948d9bb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-12)", "content": "", "creation_timestamp": "2025-09-12T00:00:00.000000Z"}, {"uuid": "5a87eb37-f0e5-483e-a77f-3097a52623ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-20)", "content": "", "creation_timestamp": "2025-10-20T00:00:00.000000Z"}, {"uuid": "b59c915f-b817-49d5-bb5a-707da3ef8fe3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:46.000000Z"}, {"uuid": "3701bf4c-4b4d-4017-a23d-c367f79a0694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-11)", "content": "", "creation_timestamp": "2025-10-11T00:00:00.000000Z"}, {"uuid": "6f9575cd-72a8-45ac-a931-e19df18fab96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-16)", "content": "", "creation_timestamp": "2025-10-16T00:00:00.000000Z"}, {"uuid": "7030a0c2-a116-4e7a-82a4-65a476f21ee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-28)", "content": "", "creation_timestamp": "2025-10-28T00:00:00.000000Z"}, {"uuid": "9872d767-5fe8-44d5-a633-4def7b1978ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-30)", "content": "", "creation_timestamp": "2025-10-30T00:00:00.000000Z"}, {"uuid": "302f0b2b-b254-4cda-9ad2-fc9edf0a76a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-27)", "content": "", "creation_timestamp": "2025-11-27T00:00:00.000000Z"}, {"uuid": "8df33123-15b3-4f70-9eb3-40da937e5ef5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-05)", "content": "", "creation_timestamp": "2025-11-05T00:00:00.000000Z"}, {"uuid": "2d8e1be5-1087-4537-aa1a-ef767bb47a0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-02)", "content": "", "creation_timestamp": "2025-11-02T00:00:00.000000Z"}, {"uuid": "cac709e9-8b78-4a86-9000-496e93ba8c7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-07)", "content": "", "creation_timestamp": "2025-10-07T00:00:00.000000Z"}, {"uuid": "b41daa11-38f2-4384-a624-470cf75a502a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-10)", "content": "", "creation_timestamp": "2025-10-10T00:00:00.000000Z"}, {"uuid": "6ad4756b-f6dc-4821-872e-6bdb0605de58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-08)", "content": "", "creation_timestamp": "2025-09-08T00:00:00.000000Z"}, {"uuid": "7bd771be-a8f8-4b69-9c9b-c485f5768e12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-20)", "content": "", "creation_timestamp": "2025-12-20T00:00:00.000000Z"}, {"uuid": "0c92647a-9293-486f-91c5-d6e7e6622958", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-21)", "content": "", "creation_timestamp": "2025-12-21T00:00:00.000000Z"}, {"uuid": "d7731ef8-57a6-441e-9d0e-80a192343e77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-24)", "content": "", "creation_timestamp": "2025-12-24T00:00:00.000000Z"}, {"uuid": "bd5c45e9-ffeb-4f5a-b7eb-0e5898434238", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "2c619928-698f-4753-8ef1-04f35f892d35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-25)", "content": "", "creation_timestamp": "2025-12-25T00:00:00.000000Z"}, {"uuid": "2e6d1be7-88cc-455f-902c-717f06d9ed5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-13)", "content": "", "creation_timestamp": "2026-01-13T00:00:00.000000Z"}, {"uuid": "c9453d38-8415-45f9-864f-a3b6e1d5fcfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-14)", "content": "", "creation_timestamp": "2026-01-14T00:00:00.000000Z"}, {"uuid": "e012a6ed-bae9-4e28-ac68-84304eeb19ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-15)", "content": "", "creation_timestamp": "2026-01-15T00:00:00.000000Z"}, {"uuid": "e2dc5a83-c4ce-4a3d-8719-5eb925baf12d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/38799646-2460-4afe-b5b9-a92164d0fe1d", "content": "", "creation_timestamp": "2026-02-02T12:28:32.497359Z"}, {"uuid": "0cc1a55a-5de5-4c4e-b825-af1576c9ca85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/38799646-2460-4afe-b5b9-a92164d0fe1d", "content": "", "creation_timestamp": "2026-02-02T12:28:32.497359Z"}, {"uuid": "4c33973d-1cdf-476c-a8e0-7a9437564e4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/82", "content": "Building a POC for CVE-2021-40438\n\n\ud83d\udc64 by Firzen\n\nA crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. The author of the article found a way to exploit it\n\n\ud83d\udcdd Contents: \n\u2022 The Patch\n\u2022 How to exploit?\n\u2022 How uds_path is being set?\n\u2022 Success\n\u2022 Conclusion and Remarks\n\nhttps://firzen.de/building-a-poc-for-cve-2021-40438", "creation_timestamp": "2021-10-15T13:16:10.000000Z"}, {"uuid": "1714eee5-4ddc-4aaa-ad5e-2a65e8b2ada3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/11068", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCheck Point Security Gateways RCE via CVE-2021-40438\nURL\uff1ahttps://github.com/element-security/check-point-gateways-rce\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-01-21T16:05:15.000000Z"}, {"uuid": "ee9aa2ea-952d-4e89-9817-8fd62495dff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "https://t.me/ctinow/43060", "content": "Experts warn of attacks exploiting CVE-2021-40438 flaw in Apache HTTP Server\n\nhttps://ift.tt/3E6mx6f", "creation_timestamp": "2021-11-29T16:21:37.000000Z"}, {"uuid": "bb1d2454-6c30-4b3f-a4e4-d64a9eb8f15f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "https://t.me/arpsyndicate/1009", "content": "#ExploitObserverAlert\n\nCVE-2021-40438\n\nDESCRIPTION: Exploit Observer has 72 entries related to CVE-2021-40438. A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.\n\nFIRST-EPSS: 0.971780000\nNVD-IS: 6.0\nNVD-ES: 2.2", "creation_timestamp": "2023-12-03T19:19:58.000000Z"}, {"uuid": "0664e04d-ebd4-4549-a8d0-a457fdd55200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "published-proof-of-concept", "source": "Telegram/z7ZFtrX9L4gZacQtKcu1e8RUJHU2uSZ9pGTTp-LiZPFhuW8", "content": "", "creation_timestamp": "2025-01-23T22:00:06.000000Z"}, {"uuid": "6856af97-bc26-4da9-b518-5d8f6739af67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "https://t.me/true_secator/2391", "content": "\u0411\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u0447\u0435\u0440\u0435\u0437 \u043f\u0430\u0440\u0443 \u043d\u0435\u0434\u0435\u043b\u044c \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-41773 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043d\u0430 HTTP-\u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Apache, \u0432\u043e\u0437\u043d\u0438\u043a\u043b\u0430 \u043d\u043e\u0432\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430.\n \n\u0424\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (BSI) \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u0438 \u0438 Cisco \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 PoC \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2021-40438.\n \n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0443 \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (SSRF), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043f\u0440\u043e\u0442\u0438\u0432 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 httpd, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u043a\u043b\u044e\u0447\u0435\u043d \u043c\u043e\u0434\u0443\u043b\u044c mod_proxy.\n \n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043c\u043e\u0434\u0443\u043b\u044c \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u0441\u0435\u043a\u0440\u0435\u0442\u044b (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043c\u0435\u0442\u0430\u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u043a\u043b\u044e\u0447\u0438 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b) \u0438\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0440\u0443\u0433\u0438\u043c \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c (\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043c\u0435\u043d\u0435\u0435 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u043c\u0438, \u0447\u0435\u043c \u0432\u043d\u0435\u0448\u043d\u0438\u0435).\n \n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Apache HTTP \u043f\u0440\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0438 \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u044e 2.4.48 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0438 2.4.49. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438 \u044d\u0442\u043e\u043c, \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0435\u0434\u0443\u0442 \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 httpd (\u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b AWS, Microsoft Azure \u0438 Google Cloud Platform \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u044e\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 \u043e\u0442 \u0442\u0430\u043a\u0438\u0445 \u0430\u0442\u0430\u043a).\n \nCisco \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 Prime Collaboration Provisioning, Security Manager, Expressway \u0438 \u0441\u0435\u0440\u0432\u0435\u0440 \u0432\u0438\u0434\u0435\u043e\u0441\u0432\u044f\u0437\u0438 TelePresence \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f 5 \u043e\u0448\u0438\u0431\u043e\u043a  HTTP-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Apache.\n \n\u0421 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, BSI \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u0441\u0442\u0430\u0432\u0448\u0435\u043c \u0438\u043c \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043a\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u0434\u044b\u0440\u043e\u0439, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0445\u044d\u0448-\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438\u0437 \u0430\u0434\u0440\u0435\u0441\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n \n\u0423\u0432\u0435\u0440\u0435\u043d\u044b \u043d\u0430 \u043f\u043e\u0434\u0445\u043e\u0434\u0435 \u0438 \u043d\u043e\u0432\u044b\u0435 \u043f\u0440\u0438\u043c\u0435\u0440\u044b, \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u043e\u043a\u0430 \u0435\u0449\u0435 \u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0448\u0438\u0440\u043e\u043a\u043e\u0439 \u043f\u0443\u0431\u043b\u0438\u043a\u0435.", "creation_timestamp": "2021-11-30T18:04:00.000000Z"}, {"uuid": "d7fe6e0f-4b21-4e98-8b5c-73612338fb5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "https://t.me/true_secator/2485", "content": "Apache Software Foundation \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0440\u043e\u0447\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0445 CVE-2021-44790 \u0438 CVE-2021-44224 \u0432\u043e \u0444\u043b\u0430\u0433\u043c\u0430\u043d\u0441\u043a\u043e\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Apache HTTP Server, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c\u00a0 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 CVE-2021-44790 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u0432\u044b\u0437\u044b\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043c\u043d\u043e\u0433\u043e\u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043d\u043e\u043c \u043f\u0430\u0440\u0441\u0435\u0440\u0435 mod_lua \u0432 Apache HTTP Server 2.4.51 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Apache Software Foundation \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e\u00a0 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0435\u0433\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f.\n\n\u0414\u0440\u0443\u0433\u0430\u044f CVE-2021-44224 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443 Unix Domain Socket, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0443 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430. \u041e\u0448\u0438\u0431\u043a\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435\u043c NULL \u0438\u043b\u0438 SSRF \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445 \u043f\u0440\u044f\u043c\u043e\u0433\u043e \u043f\u0440\u043e\u043a\u0441\u0438 \u0432 Apache HTTP Server 2.4.51 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0434\u043e\u043c\u0438\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 HTTP-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 Apache \u0432 \u0441\u0435\u0442\u0438 \u0438 \u043d\u0430\u0447\u0430\u0432\u0448\u0443\u044e\u0441\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0434\u0440\u0443\u0433\u043e\u0439 CVE-2021-40438 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 SSRF \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u043a\u0440\u043e\u0441\u0441\u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u043e \u0447\u0435\u043c \u0442\u0430\u043a\u0436\u0435 \u043e\u0437\u0430\u0431\u043e\u0442\u0438\u043b\u043e\u0441\u044c CISA, \u0441\u043f\u0435\u0448\u043d\u043e \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u043d\u043e\u0432\u044b\u0435 \u0431\u0430\u0433\u0438 \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 CVE.", "creation_timestamp": "2021-12-28T16:00:47.000000Z"}, {"uuid": "0a9da654-dab7-4287-b932-a17450c5ae1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/11661", "content": "https://github.com/Kashkovsky/CVE-2021-40438", "creation_timestamp": "2022-04-04T21:11:37.000000Z"}, {"uuid": "828408e3-2b27-4030-b21b-9bac382e8809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4043", "type": "exploited", "source": "https://t.me/thehackernews/5683", "content": "\ud83d\udd34 New stealthy #malware \"Perfctl\" is hitting Linux servers, running crypto miners &amp; proxyjacking undetected. It exploits Polkit vulnerability (CVE-2021-4043) for privilege escalation &amp; uses a rootkit to evade defense. \n \nDetails here: https://thehackernews.com/2024/10/new-perfctl-malware-targets-linux.html", "creation_timestamp": "2024-10-03T16:24:42.000000Z"}, {"uuid": "3581e53e-9fdd-4b7b-9ca8-b923e2c91347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4529", "content": "#Offensive_security\nBuilding a POC for CVE-2021-40438\n(SSRF in apache2 mod_proxy)\nhttps://firzen.de/building-a-poc-for-cve-2021-40438", "creation_timestamp": "2021-10-16T14:07:01.000000Z"}, {"uuid": "dcef7c9b-6188-4e18-8e39-25fe65fd101e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4701", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Oct 1-31)\nCVE-2021-41773 - Apache 2.4.49 Path Traversal\nhttps://t.me/cybersecuritytechnologies/4454\nCVE-2021-26084 - Confluence Server Webwork OGNL Inj\nhttps://t.me/cybersecuritytechnologies/4202\nCVE-2021-42013 - Apache 2.4.50 Path Traversal\nhttps://t.me/cybersecuritytechnologies/4475\nCVE-2021-22205 - GitLab CE/EE RCE\nhttps://t.me/cybersecuritytechnologies/4602\nCVE-2021-40449 - UaF in the NtGdiResetDC function of the Win32k driver\nhttps://t.me/cybersecuritytechnologies/4535\nCVE-2021-40438 - SSRF in Apache2 mod_proxy\nhttps://t.me/cybersecuritytechnologies/4529\nCVE-2021-30858 - UaF in WebKit\nhttps://t.me/cybersecuritytechnologies/4545\nCVE-2021-30883 - iOS IOMFB vulnerability\nhttps://t.me/cybersecuritytechnologies/4497\nCVE-2021-30892 - Shrootless Vulnerability in MacOS\nhttps://t.me/cybersecuritytechnologies/4623\nCVE-2022-1337 - \"View Source\"\nhttps://mobile.twitter.com/megab0t_/status/1452848917205458945\nPoC: JavaScript:https://#%0aalert('xss')", "creation_timestamp": "2021-11-08T11:07:01.000000Z"}, {"uuid": "d3958b50-b269-46aa-bd5a-fa3ad1c8f557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971177", "content": "", "creation_timestamp": "2024-12-24T20:25:25.042821Z"}, {"uuid": "2fdbb34c-f776-4c75-abde-5c247a6eda43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "83464d8c-30cd-4db1-b065-6ede6ca36252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-01)", "content": "", "creation_timestamp": "2025-02-01T00:00:00.000000Z"}, {"uuid": "17a23a2d-632c-473d-968f-33494f0babf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-09)", "content": "", "creation_timestamp": "2025-03-09T00:00:00.000000Z"}, {"uuid": "48870378-d9b7-474d-8e46-2ef973c4a678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:31.000000Z"}, {"uuid": "730fcd3c-c881-4d85-92ae-c0f5a16c55e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-27)", "content": "", "creation_timestamp": "2025-10-27T00:00:00.000000Z"}, {"uuid": "ad6b5b77-9184-4a18-bb65-08972938927a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-21)", "content": "", "creation_timestamp": "2025-11-21T00:00:00.000000Z"}, {"uuid": "9aef120d-4c3e-457a-83b5-bd3337a113ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-13)", "content": "", "creation_timestamp": "2025-10-13T00:00:00.000000Z"}, {"uuid": "b7e56b7f-2ca5-42c0-bae7-2edbeef7f251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-17)", "content": "", "creation_timestamp": "2025-11-17T00:00:00.000000Z"}, {"uuid": "bee582c0-6119-4de8-8eb7-4b7a6c4378a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-15)", "content": "", "creation_timestamp": "2025-10-15T00:00:00.000000Z"}, {"uuid": "c3959e33-3eb8-4682-aaa6-fe7bdaca6780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-09)", "content": "", "creation_timestamp": "2025-09-09T00:00:00.000000Z"}, {"uuid": "f5d739cf-1d42-403b-9aed-2a799f630edd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-15)", "content": "", "creation_timestamp": "2025-11-15T00:00:00.000000Z"}, {"uuid": "c68c36bf-7098-4fe7-a6e0-3bf6635ff471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-31)", "content": "", "creation_timestamp": "2025-10-31T00:00:00.000000Z"}, {"uuid": "301478eb-8a95-4ca1-80b4-61bd8f20ea68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-01)", "content": "", "creation_timestamp": "2025-11-01T00:00:00.000000Z"}, {"uuid": "500429c5-0d46-4510-ab56-fc710baedd57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-13)", "content": "", "creation_timestamp": "2025-08-13T00:00:00.000000Z"}, {"uuid": "667e56b5-0769-4f50-a7d6-0d868ec35a51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-07)", "content": "", "creation_timestamp": "2025-09-07T00:00:00.000000Z"}, {"uuid": "e0cbb0e9-d0fb-458f-bf9a-60aceb9f3175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-12)", "content": "", "creation_timestamp": "2025-11-12T00:00:00.000000Z"}, {"uuid": "e9b54d0d-cbdd-446c-97f9-45fe21a92dcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-16)", "content": "", "creation_timestamp": "2025-11-16T00:00:00.000000Z"}, {"uuid": "d79cd371-e4fd-4772-9ae5-9ef941aaed57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-03)", "content": "", "creation_timestamp": "2025-10-03T00:00:00.000000Z"}, {"uuid": "9bfba99b-344e-4074-9237-ef7c18acd6ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-13)", "content": "", "creation_timestamp": "2025-11-13T00:00:00.000000Z"}, {"uuid": "4c760dfd-091a-4b52-94a4-a304433a53d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "df2d0c74-62ad-48c7-887b-bb66757a8595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-16)", "content": "", "creation_timestamp": "2025-08-16T00:00:00.000000Z"}, {"uuid": "3130ba9f-44b6-41a3-bcc6-884d047704b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-10)", "content": "", "creation_timestamp": "2025-09-10T00:00:00.000000Z"}, {"uuid": "36736cbc-06ee-4a44-bfd6-6ce66a10f67f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-17)", "content": "", "creation_timestamp": "2025-08-17T00:00:00.000000Z"}, {"uuid": "a5ffbec7-f4bb-4772-881e-c5e3e87b00ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-09)", "content": "", "creation_timestamp": "2025-10-09T00:00:00.000000Z"}, {"uuid": "14da84f3-ac57-443a-9e44-4e9ef09eacd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-12)", "content": "", "creation_timestamp": "2025-10-12T00:00:00.000000Z"}, {"uuid": "7ece2d7c-6788-48c6-8e88-b1624422da2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-17)", "content": "", "creation_timestamp": "2025-10-17T00:00:00.000000Z"}, {"uuid": "2f20e275-9bc3-4aa1-9dc8-363d33977262", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-14)", "content": "", "creation_timestamp": "2025-11-14T00:00:00.000000Z"}, {"uuid": "5d1ef813-5b6e-4a1b-818e-4053dda7d721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-08)", "content": "", "creation_timestamp": "2025-12-08T00:00:00.000000Z"}, {"uuid": "25936037-7607-4060-8693-57a6d1c2a328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-09)", "content": "", "creation_timestamp": "2025-12-09T00:00:00.000000Z"}, {"uuid": "e9e7de70-413f-4c83-8122-36e4cd6a18c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-11)", "content": "", "creation_timestamp": "2025-12-11T00:00:00.000000Z"}, {"uuid": "fb396a93-e438-4ec5-b1d1-46e83f22fc07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-11)", "content": "", "creation_timestamp": "2025-12-11T00:00:00.000000Z"}, {"uuid": "2875b183-7ac4-4dbd-86e3-d1c080b8b8a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-12)", "content": "", "creation_timestamp": "2025-12-12T00:00:00.000000Z"}, {"uuid": "16f932ed-0fc8-4fea-b4c0-517b4076407c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-13)", "content": "", "creation_timestamp": "2025-12-13T00:00:00.000000Z"}, {"uuid": "7fbcb1c9-729c-4a8b-8de8-1e61db0224e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-22)", "content": "", "creation_timestamp": "2025-12-22T00:00:00.000000Z"}, {"uuid": "9ce48208-06f4-4700-be1c-834441e79ec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-23)", "content": "", "creation_timestamp": "2025-12-23T00:00:00.000000Z"}, {"uuid": "846c5225-1355-4225-8036-072fa15e724c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-26)", "content": "", "creation_timestamp": "2025-12-26T00:00:00.000000Z"}, {"uuid": "9c0bd12d-7d7d-4d82-84a0-9fc710e734b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-24)", "content": "", "creation_timestamp": "2026-01-24T00:00:00.000000Z"}, {"uuid": "542a8455-3eec-48c1-8ace-fed50a4fe78b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-02)", "content": "", "creation_timestamp": "2026-02-02T00:00:00.000000Z"}, {"uuid": "3400f229-fb23-4763-bb7c-de9366c385b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/845", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aDockerized Proof-of-Concept of CVE-2021-40438 in Apache 2.4.48.\nURL\uff1ahttps://github.com/ericmann/apache-cve-poc", "creation_timestamp": "2021-11-11T19:53:25.000000Z"}, {"uuid": "1c30ce41-1fa2-4751-87dc-0f5ba0cd16ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7605", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 Writeup for CVE-2021-40438.\n\nhttps://firzen.de/building-a-poc-for-cve-2021-40438", "creation_timestamp": "2021-10-14T13:22:35.000000Z"}, {"uuid": "d4361910-203f-4da0-b75f-ca9fab62ea8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "published-proof-of-concept", "source": "Telegram/bv-ViS9ba1ejZOFDCKGdHkI1PLP09tvqVcqYrUve4JZyMjA", "content": "", "creation_timestamp": "2025-01-21T22:00:06.000000Z"}, {"uuid": "14e24b74-abd4-402a-859b-dff33e70f0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7146", "content": "#exploit\n1. CVE-2022-43332:\nCross Site Scripting in WonderCMS v3.3.4\nhttps://github.com/maikroservice/CVE-2022-43332\n\n2. CVE-2021-40438:\nApache HTTP Server 2.4.48 - A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user\nhttps://github.com/WilsonFung414/CVE-2021-40438_Docker_2", "creation_timestamp": "2022-11-11T11:00:19.000000Z"}, {"uuid": "0118661e-1711-4b87-b906-60d8a1e27fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4043", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113443024377410814", "content": "", "creation_timestamp": "2024-11-07T18:13:00.167059Z"}, {"uuid": "93ced3de-bfa5-4307-a8c6-ac7689fd8791", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "https://gist.github.com/PythonCoderUnicorn/d6b88a20a4dd6922377a44f4d68ccae6", "content": "", "creation_timestamp": "2025-02-14T17:38:04.000000Z"}, {"uuid": "e535af3d-e1bf-463b-af90-2841369a3215", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-22)", "content": "", "creation_timestamp": "2025-07-22T00:00:00.000000Z"}, {"uuid": "48e6b208-4e4f-4fd2-ac81-4ad99062eb2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-02)", "content": "", "creation_timestamp": "2025-10-02T00:00:00.000000Z"}, {"uuid": "0f7289d1-176d-45d9-935e-a65701f5abbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-19)", "content": "", "creation_timestamp": "2025-10-19T00:00:00.000000Z"}, {"uuid": "f02e625c-e512-418b-80cd-246990ce014a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-03)", "content": "", "creation_timestamp": "2025-11-03T00:00:00.000000Z"}, {"uuid": "ce9d79eb-77c7-4753-9197-6e48f3de8c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-08)", "content": "", "creation_timestamp": "2025-08-08T00:00:00.000000Z"}, {"uuid": "7645e0e0-5f14-4834-bbe5-cbc30c1f7c35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-08)", "content": "", "creation_timestamp": "2025-10-08T00:00:00.000000Z"}, {"uuid": "5e7798f0-5f5f-484c-beda-9dd3721e009a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-10)", "content": "", "creation_timestamp": "2025-08-10T00:00:00.000000Z"}, {"uuid": "b183e2db-756e-4bae-9dd9-6c3f51888b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-22)", "content": "", "creation_timestamp": "2025-11-22T00:00:00.000000Z"}, {"uuid": "620a3039-1ec5-459c-98bf-751a5ffaf88a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-12)", "content": "", "creation_timestamp": "2025-08-12T00:00:00.000000Z"}, {"uuid": "3cb37aaa-5745-48be-ba26-6f8fcd01a57e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "https://gist.github.com/Darkcrai86/0908c98960b358b4b0ba47bc1d37e747", "content": "", "creation_timestamp": "2025-09-16T16:35:14.000000Z"}, {"uuid": "07910c10-82df-4ca6-bfdf-a96407eea3d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-259-04", "content": "", "creation_timestamp": "2025-09-16T10:00:00.000000Z"}, {"uuid": "ee9b5b0e-73d9-413d-9475-59c4be3a128b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-04)", "content": "", "creation_timestamp": "2025-11-04T00:00:00.000000Z"}, {"uuid": "8c1977ff-cc79-4671-a5e9-514159dd1c1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-04)", "content": "", "creation_timestamp": "2025-09-04T00:00:00.000000Z"}, {"uuid": "f11beff4-1ce1-40ce-9626-9bcb558b97d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40438", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-02)", "content": "", "creation_timestamp": "2026-04-02T00:00:00.000000Z"}]}