{"vulnerability": "cve-2021-4402", "sightings": [{"uuid": "a8a25e0f-407f-4732-a464-4db70ff5edef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "seen", "source": "https://t.me/arpsyndicate/2710", "content": "#ExploitObserverAlert\n\nCVE-2021-44026\n\nDESCRIPTION: Exploit Observer has 10 entries related to CVE-2021-44026. Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.\n\nFIRST-EPSS: 0.008420000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-09T04:47:36.000000Z"}, {"uuid": "f0349c12-5f94-4d7f-90a2-6604f2829c4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "published-proof-of-concept", "source": "Telegram/_2iZhze6jswijCm6NsMkH5GB7hxCAMET0bj118-njZt1foI", "content": "", "creation_timestamp": "2025-04-20T17:00:09.000000Z"}, {"uuid": "a77ad73b-fbcb-463c-b926-a276bb1da609", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "seen", "source": "Telegram/v8gorj8LEQKp0AfZP4m3NcQTt5UV2pDL8ZIYmsWbO-8WHoA", "content": "", "creation_timestamp": "2023-09-05T19:00:09.000000Z"}, {"uuid": "bc01011b-e7e8-4bd5-bde2-e9f99e505d6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "published-proof-of-concept", "source": "Telegram/5V23UzHfmI6yJXhopzvc-HsTd4RKzfUjzAQ0FPR-0_ctbg", "content": "", "creation_timestamp": "2021-12-08T17:43:37.000000Z"}, {"uuid": "86105c62-4aa8-48cc-a898-fe1323e9abb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44023", "type": "seen", "source": "https://t.me/cibsecurity/34122", "content": "\u203c CVE-2021-44023 \u203c\n\nA link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-16T07:37:06.000000Z"}, {"uuid": "6e9e5a78-e37a-4718-a4ec-33e315f62102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44022", "type": "seen", "source": "https://t.me/cibsecurity/33303", "content": "\u203c CVE-2021-44022 \u203c\n\nA reachable assertion vulnerability in Trend Micro Apex One could allow an attacker to crash the program on affected installations, leading to a denial-of-service (DoS). Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-03T14:37:44.000000Z"}, {"uuid": "377a9854-9232-4cc6-a508-7529bd2d5086", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44021", "type": "seen", "source": "https://t.me/cibsecurity/33300", "content": "\u203c CVE-2021-44021 \u203c\n\nAn unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44020.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-03T14:37:40.000000Z"}, {"uuid": "4993a1e3-10d3-417a-aad7-67fd77014cea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "seen", "source": "https://t.me/cibsecurity/32674", "content": "\u203c CVE-2021-44026 \u203c\n\nRoundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a potential SQL injection via search or search_params.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-19T07:16:27.000000Z"}, {"uuid": "09b3c1c5-aebf-489c-afcf-93c8c5f12d3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44025", "type": "seen", "source": "https://t.me/cibsecurity/32673", "content": "\u203c CVE-2021-44025 \u203c\n\nRoundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in handling an attachment's filename extension when displaying a MIME type warning message.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-19T07:16:26.000000Z"}, {"uuid": "7d854b60-a6e0-4246-b9bc-6f955ab0e462", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "seen", "source": "Telegram/YDnaS-uy50oCz7wkXzhAN2B1yrrGy45imv-aR5CNeTxoT77o", "content": "", "creation_timestamp": "2023-09-05T18:59:52.000000Z"}, {"uuid": "ae75c880-49e6-4600-a9ce-a35f8d367445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-22T18:10:03.000000Z"}, {"uuid": "8083538d-2d14-4dea-9bd5-fe595a30e43d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3loeqtdyc3n2n", "content": "", "creation_timestamp": "2025-05-04T21:02:16.058630Z"}, {"uuid": "cdb51c37-0b2e-480c-87b6-2b3cd61dd173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lswty7qins2p", "content": "", "creation_timestamp": "2025-07-01T23:27:24.339587Z"}, {"uuid": "97502f2e-1040-4f05-b0a6-b5d28c124771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/135f497f-240f-462b-ac1f-59bcba6c83ad", "content": "", "creation_timestamp": "2026-02-02T12:26:57.326399Z"}, {"uuid": "a3276e14-6ecc-4dd8-ac38-5a6e2f477043", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44020", "type": "seen", "source": "https://t.me/cibsecurity/33298", "content": "\u203c CVE-2021-44020 \u203c\n\nAn unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44021.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-03T14:37:38.000000Z"}, {"uuid": "a497f6c2-9f57-410b-b41d-0d2ecbe07075", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9643", "content": "#exploit\n1. CVE-2023-49438:\nOpen Redirect Vulnerability in Flask-Security-Too\nhttps://github.com/brandon-t-elliott/CVE-2023-49438\n\n2. CVE-2021-44026:\nSQL injection in Roundcube\nhttps://github.com/pentesttoolscom/roundcube-cve-2021-44026", "creation_timestamp": "2024-11-12T02:01:20.000000Z"}, {"uuid": "a958f308-e173-4e1c-a7c3-3fd43e735046", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/135f497f-240f-462b-ac1f-59bcba6c83ad", "content": "", "creation_timestamp": "2026-02-02T12:26:57.326399Z"}, {"uuid": "13ea4d15-b1ae-4179-99c2-b2f124310a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "seen", "source": "https://t.me/itsec_news/2805", "content": "\u200b\u26a1\ufe0fMicrosoft: \u0443\u043a\u0440\u0430\u0438\u043d\u0441\u043a\u0438\u0435 \u0421\u041c\u0418 \u0441\u0442\u0430\u043b\u0438 \u043b\u043e\u0432\u0443\u0448\u043a\u043e\u0439 \u0434\u043b\u044f \u0436\u0435\u0440\u0442\u0432 \u0433\u0440\u0443\u043f\u043f\u044b Midnight Blizzard.\n\n\ud83d\udcac\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Microsoft \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0432\u0441\u043f\u043b\u0435\u0441\u043a \u0430\u0442\u0430\u043a \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 Midnight Blizzard, \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043a\u0440\u0430\u0436\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0440\u0435\u0437\u0438\u0434\u0435\u043d\u0442\u043d\u044b\u0435 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0434\u043b\u044f \u0441\u043e\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430, \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0418\u0422-\u0443\u0441\u043b\u0443\u0433, \u041d\u041f\u041e, \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u044b\u0439 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0439 \u0441\u0435\u043a\u0442\u043e\u0440\u044b \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430.\n\nMidnight Blizzard (Nobelium, APT29, Cozy Bear, Iron Hemlock \u0438 The Dukes) \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u043b\u0430 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0432\u0441\u0435\u0433\u043e \u043c\u0438\u0440\u0430 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0435\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a SolarWinds \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2020 \u0433\u043e\u0434\u0430 \u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u043f\u043e\u043b\u0430\u0433\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u043d\u0435\u0437\u0430\u043c\u0435\u0442\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0432 \u0441\u0432\u043e\u0438\u0445 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u041c\u0418\u0414\u044b \u0438 \u0434\u0438\u043f\u043b\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u0412 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u0440\u0430\u0441\u043f\u044b\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u0435\u0439 (Password Spraying), \u0431\u0440\u0443\u0442\u0444\u043e\u0440\u0441\u0430 \u0438 \u043a\u0440\u0430\u0436\u0438 \u0442\u043e\u043a\u0435\u043d\u043e\u0432. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Microsoft, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b \u0430\u0442\u0430\u043a\u0438 \u0441 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u044b\u043c \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0438\u0435\u043c \u0441\u0435\u0430\u043d\u0441\u0430, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0430\u043d\u0441\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0431\u044b\u043b\u0438 \u043f\u0440\u0438\u043e\u0431\u0440\u0435\u0442\u0435\u043d\u044b \u043f\u0443\u0442\u0435\u043c \u043d\u0435\u0437\u0430\u043a\u043e\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0434\u0430\u0436\u0438.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438, \u0447\u0442\u043e APT29 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0440\u0435\u0437\u0438\u0434\u0435\u043d\u0442\u043d\u044b\u0435 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0434\u043b\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0432 \u043f\u043e\u043f\u044b\u0442\u043a\u0435 \u0437\u0430\u043f\u0443\u0442\u0430\u0442\u044c \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f, \u0441\u0434\u0435\u043b\u0430\u043d\u043d\u044b\u0435 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u0425\u0430\u043a\u0435\u0440\u044b, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u044d\u0442\u0438 IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043e\u0447\u0435\u043d\u044c \u043a\u043e\u0440\u043e\u0442\u043a\u043e\u0433\u043e \u043f\u0435\u0440\u0438\u043e\u0434\u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u0447\u0442\u043e \u043c\u043e\u0433\u043b\u043e \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0426\u0435\u043d\u0442\u0440\u0430 \u043a\u0438\u0431\u0435\u0440\u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043a\u0438\u0431\u0435\u0440\u0443\u0433\u0440\u043e\u0437\u0430\u043c \u0423\u043a\u0440\u0430\u0438\u043d\u044b (CERT-UA), \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0441 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u0432\u0435\u0431-\u043f\u043e\u0447\u0442\u044b Roundcube \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c ( CVE-2020-12641 , CVE-2020-35730 \u0438 CVE-2021-44026 ) \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0438 \u0438 \u0441\u0431\u043e\u0440\u0430 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0426\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u043d\u044b\u0435 \u0442\u0435\u043c\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0423\u043a\u0440\u0430\u0438\u043d\u043e\u0439, \u0441 \u0442\u0435\u043c\u0430\u043c\u0438 \u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u0435\u043c, \u043e\u0442\u0440\u0430\u0436\u0430\u044e\u0449\u0438\u043c\u0438 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0438\u0435 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438 \u0421\u041c\u0418. \u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0439 \u0432\u0437\u043b\u043e\u043c \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443 JavaScript, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0430 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0436\u0435\u0440\u0442\u0432 \u043d\u0430 \u0430\u0434\u0440\u0435\u0441 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u0439\u0441\u044f \u043f\u043e\u0434 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0445\u0438\u0449\u0430\u043b\u0430 \u0441\u043f\u0438\u0441\u043a\u0438 \u043a\u043e\u043d\u0442\u0430\u043a\u0442\u043e\u0432 \u0446\u0435\u043b\u0435\u0439.\n\n\u0427\u0442\u043e \u0435\u0449\u0435 \u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u043e, \u044d\u0442\u0430 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u043a\u0430\u043a \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442\u0441\u044f, \u0441\u043e\u0433\u043b\u0430\u0441\u0443\u0435\u0442\u0441\u044f \u0441 \u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Microsoft Outlook ( CVE-2023-23397 ), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 Microsoft \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043b\u0430 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0435 APT28 (Fancy Bear, Sofacy).\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-06-28T19:04:46.000000Z"}, {"uuid": "37e25843-f11d-455a-8d3f-fa995ca87ffb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971833", "content": "", "creation_timestamp": "2024-12-24T20:34:37.174085Z"}, {"uuid": "f8388da6-ffc7-4530-b976-eb34f5cd6b8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:43.000000Z"}, {"uuid": "3382f1aa-7746-41c5-b789-d2bac72254a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:58.000000Z"}, {"uuid": "0ae765c2-c058-4047-9f62-a986a34f6258", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44026", "type": "published-proof-of-concept", "source": "https://t.me/HackingPublicoficial/406", "content": "Please tell me about SQL Injection\ud83d\ude14\n\n I sit all day and cannot understand\n\n Here is the vulnerability\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44026\n\n In version 1.4.11\n This is where the developers change the code and close the vulnerability for version 1.4.12\n https://github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1\n\n We see that all files end with .inc\n\n For example this file\n program/steps/addressbook/search.inc\n\n The vulnerability suggests that the request needs to be inserted into the search or search_params parameters\n\n Code:\n $ _SESSION ['search'] [$ search_request] = $ search_set;\n\n\n $ _SESSION ['search_params'] = array ('id' => $ search_request, 'data' => array ($ fields, $ search));\n  \n\n How do I insert sqli here?  And the question is how to make requests correctly, at least the first ones, so that there is something to start from\n\n The problem is that when accessing these vulnerable files, they are not executed as .php, but are downloaded, and a download link is returned to Burp.\n\n Here is the source for version 1.4.11\n\n https://github.com/roundcube/roundcubemail/tree/1.4.11", "creation_timestamp": "2021-12-14T02:01:12.000000Z"}]}