{"vulnerability": "cve-2021-4420", "sightings": [{"uuid": "0f30db5a-08df-48f6-8145-02ecf2b5a04d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a261fda1-b1bd-488f-8679-2048aa2e2fb0", "content": "", "creation_timestamp": "2026-02-02T12:26:17.539351Z"}, {"uuid": "dde8dc9a-0fcd-4697-a921-1f0d8fd5557d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1271", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-44207\n\ud83d\udd39 Description: Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.\n\ud83d\udccf Published: 2021-12-21T17:45:33\n\ud83d\udccf Modified: 2025-01-11T04:55:19.144Z\n\ud83d\udd17 References:\n1. https://www.acclaimsystems.com\n2. https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0012/MNDT-2021-0012.md", "creation_timestamp": "2025-01-11T05:04:23.000000Z"}, {"uuid": "a93bccd5-893d-4d4a-bf3e-bc3247681cf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4420", "type": "seen", "source": "https://t.me/cibsecurity/66491", "content": "\u203c CVE-2021-4420 \u203c\n\nThe Sell Media plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.5.5. This is due to missing or incorrect nonce validation on the sell_media_process() function. This makes it possible for unauthenticated attackers to sell media paypal orders via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-12T12:41:38.000000Z"}, {"uuid": "ffc13667-ab25-4bd4-b8bc-4082d0dee79b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44208", "type": "seen", "source": "https://t.me/cibsecurity/39620", "content": "\u203c CVE-2021-44208 \u203c\n\nOX App Suite through 7.10.5 allows XSS via an unknown system message in Chat.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-28T07:39:45.000000Z"}, {"uuid": "a9fc6efd-b185-492e-94ea-c2ddb3107246", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44209", "type": "seen", "source": "https://t.me/cibsecurity/39634", "content": "\u203c CVE-2021-44209 \u203c\n\nOX App Suite through 7.10.5 allows XSS via an HTML 5 element such as AUDIO.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-28T07:40:05.000000Z"}, {"uuid": "6d29d315-7615-47f2-88ac-577041da4ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://t.me/cibsecurity/34460", "content": "\u203c CVE-2021-44207 \u203c\n\nAcclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-21T20:12:32.000000Z"}, {"uuid": "b8e43381-1c1e-411f-b321-96991d817c99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2963004", "content": "", "creation_timestamp": "2024-12-23T18:40:10.864815Z"}, {"uuid": "be3a4573-e588-4aa8-b34b-8c04a63c9106", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3ldysmlbniy2b", "content": "", "creation_timestamp": "2024-12-23T20:50:21.857628Z"}, {"uuid": "db8333b0-b73b-4580-be95-a0a0d310e6b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-12-23T21:10:02.000000Z"}, {"uuid": "44f5a2ec-e856-48f2-bc72-94b496a35edf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113705337303733235", "content": "", "creation_timestamp": "2024-12-24T02:02:37.663102Z"}, {"uuid": "e2b22779-9d01-4ae6-b44e-4e827de547a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3ldzzs3vwrp2q", "content": "", "creation_timestamp": "2024-12-24T08:31:23.007706Z"}, {"uuid": "8c08b1b1-fd51-4e2f-b980-6d1752a0a5c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3le2ccvgfvg2r", "content": "", "creation_timestamp": "2024-12-24T11:03:56.478400Z"}, {"uuid": "2270f485-706a-43ba-aa7e-27a30866781d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3le2ccvk3dh2w", "content": "", "creation_timestamp": "2024-12-24T11:03:56.960197Z"}, {"uuid": "89276cb7-d167-423d-be07-1b2481c87776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "exploited", "source": "Telegram/Y2nYEp8btoydsZ0_Nuzgbtniq5m-mCYpc9NX8RyL_RfRzw", "content": "", "creation_timestamp": "2024-12-24T13:27:03.000000Z"}, {"uuid": "d5c6eaf8-5e2c-412f-bd41-5d10ff9c1994", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "exploited", "source": "Telegram/43LP_nDB2jDqPPYy01G4hiUtVX1UkTnb3KOFKl41VXHKIno", "content": "", "creation_timestamp": "2024-12-24T22:47:59.000000Z"}, {"uuid": "6b72b0a9-9456-4f65-815a-aeb9f797af7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44204", "type": "seen", "source": "https://t.me/cibsecurity/36914", "content": "\u203c CVE-2021-44204 \u203c\n\nLocal privilege escalation via named pipe due to improper access control checks. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27147, Acronis Cyber Protect Home Office (Windows) before build 39612, Acronis True Image 2021 (Windows) before build 39287\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-05T02:45:36.000000Z"}, {"uuid": "8e240533-6543-4479-96d9-b79f3706dc80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://t.me/thehackernews/6085", "content": "\ud83d\udea8 CISA has added a high-severity vulnerability in USAHERDS (CVE-2021-44207) to its Known Exploited Vulnerabilities (KEV) catalog. This flaw has an 8.1 CVSS score and allows attackers to execute arbitrary code on affected servers. \n \nLearn more: https://thehackernews.com/2024/12/cisa-adds-acclaim-usaherds.html", "creation_timestamp": "2024-12-24T10:43:13.000000Z"}, {"uuid": "00cb8590-9f03-40c1-92f5-e858122bac88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://bsky.app/profile/tmjintel.bsky.social/post/3le2gs4k6jn2m", "content": "", "creation_timestamp": "2024-12-24T12:24:03.432693Z"}, {"uuid": "9b3297b3-e6d1-4fc2-85d3-797edbba8ba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3le2hfjwvas25", "content": "", "creation_timestamp": "2024-12-24T12:34:54.847798Z"}, {"uuid": "bc3caa19-a4a1-4739-a5fb-7ab84f355151", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://thehackernews.com/2024/12/cisa-adds-acclaim-usaherds.html", "content": "", "creation_timestamp": "2024-12-24T08:25:00.000000Z"}, {"uuid": "e7382a9e-8a04-4ebf-83fa-074fa4b95299", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "https://bsky.app/profile/omgpodcast22.bsky.social/post/3leco2tfa3s27", "content": "", "creation_timestamp": "2024-12-27T18:55:30.914233Z"}, {"uuid": "4f9049ff-58a1-4287-839a-4896bdabe2b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:03.000000Z"}, {"uuid": "f33788b4-d753-428e-a690-5f07027bea6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44203", "type": "seen", "source": "https://t.me/cibsecurity/33062", "content": "\u203c CVE-2021-44203 \u203c\n\nStored cross-site scripting (XSS) was possible in protection plan details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-29T22:33:40.000000Z"}, {"uuid": "9779399b-a251-4401-9d03-f8007016914e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44202", "type": "seen", "source": "https://t.me/cibsecurity/33066", "content": "\u203c CVE-2021-44202 \u203c\n\nStored cross-site scripting (XSS) was possible in activity details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-29T22:33:45.000000Z"}, {"uuid": "fbcefe40-61a6-4d15-8083-ede1c530ff6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44200", "type": "seen", "source": "https://t.me/cibsecurity/33063", "content": "\u203c CVE-2021-44200 \u203c\n\nSelf cross-site scripting (XSS) was possible on devices page. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-29T22:33:42.000000Z"}, {"uuid": "cf85530a-00c6-4c2e-b4e5-34b1d92c72f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44201", "type": "seen", "source": "https://t.me/cibsecurity/33060", "content": "\u203c CVE-2021-44201 \u203c\n\nCross-site scripting (XSS) was possible in notification pop-ups. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-29T22:33:38.000000Z"}, {"uuid": "0aec4ead-b2c8-4c85-a8fc-9fd6ea3998a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44207", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a261fda1-b1bd-488f-8679-2048aa2e2fb0", "content": "", "creation_timestamp": "2026-02-02T12:26:17.539351Z"}]}