Oct 13, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Apache HTTP Server: public exploit or PoC linked (Path Traversal)
  • 6 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2020-10770 Red Hat Keycloak SSRF

  • Public exploit or PoC available
  • Exploit activity linked

Red Hat Keycloak SSRF now has a public exploit or PoC linked; assume opportunistic scanning and targeted follow-on activity.

Active exploit activity

CVE-2021-42013 Apache HTTP Server Path Traversal

  • Public exploit or PoC available
  • Exploit activity linked

Apache HTTP Server Path Traversal now has a public exploit or PoC linked; assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2021-20125 DrayTek VigorConnect Directory Traversal

  • CVSS 9.8

New critical DrayTek VigorConnect Directory Traversal (CVSS 9.8): fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

Exploit & PoC activity

CVE-2021-20031 Exploit

A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrar...

CVE-2020-10770 Exploit

A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC paramet...

Exploitation dynamics

Nothing flagged in this category for this digest.

New critical disclosures

CVE-2021-20125 CVSS 9.8

An arbitrary file upload and directory traversal vulnerability exists in the file upload functionality of DownloadFileServlet in Draytek...

CVE-2021-35498 CVSS 9.8

The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, and TIBCO Product and Service Catalog powere...

CVE-2021-40493 CVSS 9.8

Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module.

CVE-2021-40842 CVSS 9.8

Proofpoint Insider Threat Management Server contains a SQL injection vulnerability in the Web Console.

CVE-2021-41075 CVSS 9.8

The NetFlow Analyzer in Zoho ManageEngine OpManager before 125455 is vulnerable to SQL Injection in the Attacks Module API.

CVE-2021-42224 CVSS 9.8

SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php.

cvelogic Threat Intelligence