Jun 24, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • VMware VCenter Server: public exploit or PoC linked (RCE)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2009-2265 Fckeditor RCE

  • Public exploit or PoC available
  • Exploit activity linked
  • Remote code execution exposure

Fckeditor RCE now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2020-35576 Tp-link Tl-wr841n Firmware Command Injection

  • Public exploit or PoC available
  • Exploit activity linked

Tp-link Tl-wr841n Firmware Command Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2020-18662 Sir Gnuboard SQL Injection

  • CVSS 9.8

New critical Sir Gnuboard SQL Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2020-35576 Exploit

A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authentic...

CVE-2009-2265 Exploit

Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary d...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2020-17752 CVSS 9.8

Integer overflow vulnerability in payable function of a smart contract implementation for an Ethereum token, as demonstrated by the smart...

CVE-2020-18662 CVSS 9.8

SQL Injection vulnerability in gnuboard5 <=v5.3.2.8 via the table_prefix parameter in install_db.php.

CVE-2020-18667 CVSS 9.8

SQL Injection vulnerability in WebPort <=1.19.1 via the new connection, parameter name in type-conn.

CVE-2020-21784 CVSS 9.8

phpwcms 1.9.13 is vulnerable to Code Injection via /phpwcms/setup/setup.php.

CVE-2020-21786 CVSS 9.8

In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php.

CVE-2020-21787 CVSS 9.8

CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php.

CVE-2021-31649 CVSS 9.8

In applications using jfinal 4.9.08 and below, there is a deserialization vulnerability when using redis,may be vulnerable to remote code...

CVE-2021-32708 CVSS 9.8

Flysystem is an open source file storage library for PHP.

CVE-2021-32711 CVSS 9.1

Shopware is an open source eCommerce platform.

CVE-2021-33346 CVSS 9.8

There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product.

View critical disclosures

cvelogic Threat Intelligence