Jul 7, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Rocket.chat: public exploit or PoC linked (SQL Injection)
  • 10 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2018-15877 Plainview Activity Monitor Project Plainview Activity Monitor Command Injection

  • Public exploit or PoC available
  • Exploit activity linked
  • Internet-facing CMS deployments affected

WordPress plugin exposure with public exploit material — mass targeting of internet-facing CMS installs is common once PoCs circulate.

Active exploit activity

CVE-2021-22911 Rocket.chat SQL Injection

  • Public exploit or PoC available
  • Exploit activity linked

Rocket.chat SQL Injection now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2021-21807 Accusoft Imagegear Buffer Overflow

  • CVSS 9.8

New critical Accusoft Imagegear Buffer Overflow (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

Exploit & PoC activity

CVE-2021-22911 Exploit

An improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injec...

CVE-2018-15877 Exploit

The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the...

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2021-21807 CVSS 9.8

An integer overflow vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft ImageGear 19.9.

CVE-2021-32531 CVSS 9.8

OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions.

CVE-2021-32533 CVSS 9.8

The QSAN SANOS setting page does not filter special parameters.

CVE-2021-32534 CVSS 9.8

QSAN SANOS factory reset function does not filter special parameters.

CVE-2021-32535 CVSS 9.8

The vulnerability of hard-coded default credentials in QSAN SANOS allows unauthenticated remote attackers to obtain administrator’s permi...

CVE-2021-32538 CVSS 9.8

ARTWARE CMS parameter of image upload function does not filter the type of upload files, which allows remote attackers to upload arbitrar...

CVE-2021-33216 CVSS 9.8

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.

CVE-2021-33218 CVSS 9.8

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.

CVE-2021-33219 CVSS 9.8

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.

CVE-2021-33221 CVSS 9.8

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.

cvelogic Threat Intelligence