Apr 15, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Htmly: public exploit or PoC linked (cross-site scripting)
  • 8 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2020-15500 An issue was discovered in server.js in TileServer GL through 3.0.0.

  • Public exploit or PoC available
  • Exploit activity linked

Tileservergl cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2021-26929 Debian Linux cross-site scripting

  • Public exploit or PoC available
  • Exploit activity linked

Debian Linux cross-site scripting now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2020-27237 An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3.

  • CVSS 9.8

New critical Openclinic Ga Project Openclinic Ga SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2021-30637 Exploit

htmly 2.8.0 allows stored XSS via the blog title, Tagline, or Description to config.html.php.

CVE-2021-26929 Exploit

An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 (where the Horde_Text_Filter library before 2.3.7 is used).

CVE-2020-15500 Exploit

An issue was discovered in server.js in TileServer GL through 3.0.0.

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2020-27237 CVSS 9.8

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3.

CVE-2020-27238 CVSS 9.8

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3.

CVE-2020-27239 CVSS 9.8

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3.

CVE-2020-28592 CVSS 9.8

A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158...

CVE-2021-27112 CVSS 9.8

LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloadin...

CVE-2021-27691 CVSS 9.8

Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN , and Tenda G1 and G3 routers wi...

CVE-2021-27692 CVSS 9.8

Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers...

CVE-2021-27850 CVSS 9.8

A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry.

View critical disclosures

cvelogic Threat Intelligence