Oct 15, 2021 Cyber Threat Intelligence

Track daily vulnerability activity, KEV additions, public exploits, critical disclosures, and EPSS risk shifts.

Daily summary

  • Hkurl I-panel Administration System: public exploit or PoC linked (XSS)
  • 8 new critical disclosures — review patch status on exposed services.

Top threats today

Three highest-priority changes — analyst brief, not a CVE dump.

Active exploit activity

CVE-2021-41878 Hkurl I-panel Administration System XSS

  • Public exploit or PoC available
  • Exploit activity linked

Hkurl I-panel Administration System XSS now has public exploit or PoC linkage — assume opportunistic scanning and targeted follow-on activity.

Critical exposure

CVE-2021-27561 Yealink Device Management Server-Side Request Forgery (SSRF)

  • CVSS 9.8

New critical Yealink Device Management Command Injection (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Critical exposure

CVE-2021-37736 Arubanetworks Clearpass Policy Manager Auth Bypass

  • CVSS 9.8
  • Authentication bypass — unauthenticated access risk

New critical Arubanetworks Clearpass Policy Manager Auth Bypass (CVSS 9.8) — fresh disclosure window; early internet scanning often precedes mature exploit chains.

Active exploitation

CISA KEV — confirmed in-the-wild exploitation.

Nothing flagged in this category for this digest.

View KEV additions

Exploit & PoC activity

CVE-2021-41878 Exploit

A reflected cross-site scripting (XSS) vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attack...

View new exploit links

Exploitation dynamics

Nothing flagged in this category for this digest.

See EPSS increases

New critical disclosures

CVE-2021-27561 CVSS 9.8

Yealink Device Management Server-Side Request Forgery (SSRF)

CVE-2021-37736 CVSS 9.8

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x...

CVE-2021-38432 CVSS 9.8

FATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stac...

CVE-2021-3878 CVSS 9.8

corenlp is vulnerable to Improper Restriction of XML External Entity Reference

CVE-2021-3881 CVSS 9.8

libmobi is vulnerable to Out-of-bounds Read

CVE-2021-40720 CVSS 9.8

Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution...

CVE-2021-40996 CVSS 9.8

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x...

CVE-2021-40997 CVSS 9.8

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x...

View critical disclosures

cvelogic Threat Intelligence