May 6, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

B2evolution: public exploit or PoC linked (SQL Injection)
10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2021-28242 B2evolution SQL Injection

Public exploit or PoC available
Exploit activity linked

B2evolution SQL Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2020-18890 Puppycms Code Execution

CVSS 9.8
Remote code execution exposure

New critical Puppycms Code Execution (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-1508 Cisco Catalyst Sd-wan Manager privilege escalation

CVSS 9.8
Network edge / SD-WAN deployments affected

New critical Cisco Catalyst Sd-wan Manager privilege escalation (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2021-28242 Exploit

SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stable allows remote attackers to obtain sensitive database information...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2020-18890 CVSS 9.8

Rmote Code Execution (RCE) vulnerability in puppyCMS v5.1 due to insecure permissions, which could let a remote malicious user getshell v...

CVE-2021-1508 CVSS 9.8

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or ga...

CVE-2021-20204 CVSS 9.8

A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile data...

CVE-2021-24236 CVSS 9.8

The Imagements WordPress plugin through 1.2.5 allows images to be uploaded in comments, however only checks for the Content-Type in the r...

CVE-2021-28152 CVSS 9.8

Hongdian H8922 3.0.5 devices have an undocumented feature that allows access to a shell as a superuser.

CVE-2021-29203 CVSS 9.8

A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Manage...

CVE-2021-29921 CVSS 9.8

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string.

CVE-2021-30473 CVSS 9.8

aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap.

CVE-2021-31737 CVSS 9.8

emlog v5.3.1 and emlog v6.0.0 have a Remote Code Execution vulnerability due to upload of database backup file in admin/data.php.

CVE-2021-32030 CVSS 9.8

ASUS Routers Improper Authentication

View critical disclosures

cvelogic Threat Intelligence